- Secured Virtual Machine Language
The Code Protector application transforms MSIL–which is easy to reverse engineer–into a unique Secure Virtual Machine Language (SVML)–which is not.
Microsoft® Software Licensing and Protection Services offers a family of products designed as a complete solution that addresses the weaknesses in earlier protection mechanisms. It begins with the tools that provide customer- and application-specific code transformations–SLP Code Protector and Permutations–to help protect your software, then goes further to provide a platform for license enforcement and management and product activation with SLP Server 2008 or the SLP Online Service combined with Activation Packs.
At the heart of SLP Services is an innovative and unique approach to Microsoft .NET code protection: the Secure Virtual Machine (SVM).
As opposed to the method of protecting source code through encryption discussed above–where the encrypted code must be decrypted back into MSIL before it can be executed by the CLR–SLP Services use the Secure Virtual Machine which directly processes the protected code in the form of Secure Virtual Machine Language (SVML). Because the SVML is never converted back into the original MSIL, one significant gap in the protection of software has been closed.
Further, each instance of the SVM is a unique “virtual CPU” that resides inside your application. Because each SVM is unique, each version of the SVML must also be unique. This closes another security hole–if the SVML for one company was somehow compromised, the security breach would be limited to just that company or application. This combination of the unique SVM; the unique SVML, which runs on it; and the transformation process, which converts from MSIL into that unique SVML, is called a Permutation. The SLP Code Protector application takes the Permutation and uses it to help protect the classes and methods you specify. In addition, the SVM is inserted directly into the application assemblies. There are no external libraries to be included which can be hacked, nor any embedded keys which can be discovered and used to reverse engineer the protected code.
This selective, one-way code transformation mechanism provides a greater level of protection for highly sensitive intellectual property. Because transformed code is practically unreadable, there is minimal risk of in-memory code compromise on client machines.
The SVM not only executes the transformed SVML, but it also acts as the gateway to the protected functionality, enforcing licensing rules, monitoring usage, and managing secure communication to the SLP Services servers and other network components. The SLP Code Protector Software Development Kit (SDK) allows even more precise control, enabling specialized licensing scenarios.
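The Permutation idea described above (a unique VM, a unique bytecode language that runs on it, and the transformation between them), modelled as a toy in Python. This is an added illustration, not SLP Services code; the five-instruction set, the affine opcode mapping and every name in it are assumptions made for the example.

```python
# Toy instruction set standing in for the original (MSIL-like) code. Assumed.
OPS = ["PUSH", "ADD", "MUL", "SUB", "RET"]

def make_permutation(a, b):
    """Derive a per-customer opcode encoding. An odd multiplier makes
    i -> (a*i + b) mod 256 a bijection, so every op gets a distinct byte."""
    if a % 2 == 0:
        raise ValueError("multiplier must be odd")
    return {op: (a * i + b) % 256 for i, op in enumerate(OPS)}

def transform(program, perm):
    """Transformation step: emit permutation-specific bytecode."""
    out = bytearray()
    for op, *arg in program:
        out.append(perm[op])
        if op == "PUSH":
            out.append(arg[0] & 0xFF)  # one-byte immediate operand
    return bytes(out)

def run(bytecode, perm):
    """The embedded VM: interprets the bytecode directly and never
    rebuilds the original instruction list."""
    decode = {code: op for op, code in perm.items()}
    stack, pc = [], 0
    while pc < len(bytecode):
        op = decode.get(bytecode[pc])
        pc += 1
        if op is None:
            raise ValueError("opcode not defined in this VM")
        if op == "PUSH":
            stack.append(bytecode[pc])
            pc += 1
        elif op == "RET":
            return stack.pop()
        else:
            rhs, lhs = stack.pop(), stack.pop()
            stack.append({"ADD": lhs + rhs, "MUL": lhs * rhs,
                          "SUB": lhs - rhs}[op])
    raise ValueError("program ended without RET")

# Constructed sample: (6 * 7) - 2, protected under two different permutations.
PROGRAM = [("PUSH", 6), ("PUSH", 7), ("MUL",), ("PUSH", 2), ("SUB",), ("RET",)]
PERM_A = make_permutation(37, 11)    # stands in for company A's Permutation
PERM_B = make_permutation(91, 200)   # stands in for company B's Permutation
```

The same program yields different bytes under each permutation, and bytecode built for one VM is rejected by the other, which is the containment property the text attributes to unique SVMs.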
Protection vs. Performance
In the earlier analogy about baking a cake from a recipe, it was assumed that you had to protect the entire recipe. Of course, there is a lot of similarity between cake recipes, and it is unnecessary to protect the entire recipe, just those parts of it that make it unique. This would do little to reduce the security of the recipe, but makes it much faster to read–only those secret ingredients need to be decrypted. Similarly, because the SVM needs to interpret the SVML code, and runs on top of the CLR, there is a performance element to the equation that needs to be addressed. You do not want to protect the entire code base, because it would slow the whole application down and add little to overall security. Instead, you want to protect only what is necessary: the secret ingredient. Protecting just the code you need to–like trade secrets, security methods, and clues to your corporate infrastructure–allows you to balance protection with performance.
Wikimedia Foundation. 2010.