Re: How to protect intellectual property?

From: Keith Patrick (richard_keith_patrick_at_hotmail.com)
Date: 07/07/03 

Date: Mon, 7 Jul 2003 12:51:12 -0500

Your code will always be able to be be decompiled and rewritten. You can
obfuscate your code (VS.Net2003 comes with an obfuscator) to make it harder
to read the disassembled code, but a skilled coder could still do it. If
you want to prevent unauthorized assemblies from calling your assembly, you
can put attributes before your methods prohibiting callers to specific
signed assemblies:

[StrongNameIdentityPermissionAttribute(SecurityAction.Demand,
PublicKey="<key of assembly allowed to call me>")]
public void Foo() {
}

Please note, though, that any single security measure is not guaranteed, but
the more security measures you take mean your code is that much more secure.
"Konstantin Kipa" <konstantin@metaobjects.net> wrote in message
news:uIk$lMJRDHA.3796@tk2msftngp13.phx.gbl...
> Hi all!
>
> I am developing commercial software using Microsoft .NET. The only concern
I
> have is how to protect the code from being used by someone else. Lets say,
> I've developed a nice component that I use across several applications. I
> will deploy an assembly to the GAC. But anyone can just use it, copy it
and
> deploy it...
>
> Even more, anyone can decompile it using ildasm, change namespaces and
> component names and compile it back with ilasm. Having tools like Anakrino
> will provide the full access to my code, so it wouldn't be difficult to
> reproduce or reuse it without my permission.
>
> Tools like obfuscators cannot stop anyone, they rather make it difficult
for
> me to maintain and deploy the new versions of my assemblies.
>
> Is there a How-To on assemblies protection?
>
> This is just the top of the iceberg. What about my application protection
> from hackers? Is there a ready to use protection system that I can use (or
> at least a How-To). I am developing try-before-you-buy software,
therefore,
> I need a trial period to be available for user and be able to run fully
> functional app upon receiving a license (a key).
>
> Thanks in advance
>
> ---
> Konstantin
>
>

Relevant Pages

  • Re: Protecting assemblies from being used outside a company/group/team
    ... You could sign the assembly with a public key, ... obfuscate the code to make it much harder to reverse and inspect the code. ... > As I feared, yeah, there is no bulelt proof protection if my application ... >> protecting our assemblies from being used by other people. ...
    (microsoft.public.dotnet.security)
  • Re: Breaking .NET Compact Framework code - how easy is it
    ... that nor ILDASM and Reflector can decompile my IV and Key ... >> Simon, ... >>>assemblies should be common practice anyway. ... >>>code) you are able to decompile the assembly to source code successfully. ...
    (microsoft.public.dotnet.framework.compactframework)
  • Re: protection ageinst pirates
    ... Strong-naming an assembly provides protection for the CALLER of your ... If the attacker has admin rights AND access to all of your assemblies, ...
    (microsoft.public.dotnet.security)
  • Re: sorry i didnt saw your reply :)
    ... which uses the SQL assemblies. ... What version of Dotfuscator are you using? ... "Are you trying to obfuscate the signed assembly SqlServerCe?" ...
    (microsoft.public.dotnet.framework.compactframework)
  • RE: Protecting assemblies from being used outside a company/group/team
    ... As I feared, yeah, there is no bulelt proof protection if my application ... will be locally installed in the client machines. ... Just for the sake of knowledge: yeah there is a way to "assign" a PublicKey ... > protecting our assemblies from being used by other people. ...
    (microsoft.public.dotnet.security)