Secured Virtual Machine Language

Secured Virtual Machine Language

Secured Virtual Machine Language

The Code Protectorapplication transforms MSIL–which is easy to reverse engineer–into a uniqueSecure Virtual Machine Language (SVML)–which is not.

Microsoft® Software Licensing and Protection Services offersa family of products designed as a complete solution that addresses theweaknesses in earlier protection mechanisms. It begins with the tools thatprovide customer-and application-specific code transformations–SLP CodeProtector and Permutations–to help protect you software, then goes further toprovide a platform for license enforcement and management and productactivation with SLP Server 2008 or the SLP Online Service combined withActivation Packs.

At the heart of SLP Services is an innovative and uniqueapproach to Microsoft .NET code protection: the Secure Virtual Machine (SVM).

As opposed to the method of protecting source code throughencryption discussed above–where the encrypted code must be decrypted back intoMSIL before it can be executed by the CLR–SLP Services use the Secure VirtualMachine which directly processes the protected code in the form of SecureVirtual Machine Language (SVML). Because the SVML is never converted back intothe original MSIL, one significant gap in the protection of software has beenclosed.

Further, each instance of the SVM is a unique “virtual CPU”that resides inside your application. Because each SVM is unique, each versionof the SVML must also be unique. This closes another security hole–if the SVMLfor one company was somehow compromised, the security breach would be limitedto just that company or application. This combination of the unique SVM; theunique SVML, which runs on it; and the transformation process, which convertsfrom MSIL into that unique SVML, is called a Permutation. The SLP Code Protectorapplication takes the Permutation and uses it to help protect the classes andmethods you specify. In addition, the SVM is inserted directly into theapplication assemblies. There are no external libraries to be included whichcan be hacked, nor any embedded keys which can be discovered and used toreverse engineer the protected code.

This selective, one-way code transformation mechanism provides a greater level of protection forhighly sensitive intellectual property. Because transformed code is practicallyunreadable, there is minimal risk of in-memory code compromise on clientmachines.

The SVM not only executes the transformed SVML, but it alsoacts as the gateway to the protected functionality, enforcing licensing rules,monitoring usage, and managing secure communication to the SLP Services serversand other network components. The SLP Code Protector Software Development Kit(SDK) allows even more precise control, enabling specialized licensingscenarios.

Protection vs.Performance

In the earlier analogy about baking a cake from a recipe, itwas assumed that you had to protect the entire recipe. Of course, there is alot of similarity between cake recipes, and it is unnecessary to protect theentire recipe, just those parts of it that make it unique. This would do littleto reduce the security of the recipe, but makes it much faster to read–onlythose secret ingredients need to be decrypted. Similarly, because the SVM needsto interpret the SVML code, and runs on top of the CLR, there is a performanceelement to the equation that needs to be addressed. You do not want to protectthe entire code base, because it would slow the whole application down and addlittle to overall security. Instead, you want to protect only what isnecessary: the secret ingredient. Protecting just the code you need to–liketrade secrets, security methods, and clues to your corporateinfrastructure–allows you to balance protection with performance.


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Automated teller machine — cash machine redirects here. For the Hard Fi song, see Cash Machine. An NCR Personas 75 Series interior, multi function ATM in the United States …   Wikipedia

  • Microsoft Software Licensing and Protection Services — Microsoft Software Licensing and Protection Services, also known as Microsoft SLPS, is a Software Licensing Suite that provides developers with the ability to license software, create license versions, and track performance of products and… …   Wikipedia

  • Operating system — Operating systems …   Wikipedia

  • IBM System/36 — The IBM System/36 was a minicomputer marketed by IBM from 1983 to 2000. It was a multi user, multi tasking successor to the System/34. Like the System/34 and the older System/32, the System/36 was primarily programmed in the RPG II language. One… …   Wikipedia

  • Système d'exploitation pour carte à puce — Les systèmes d exploitation pour carte à puce aussi appelés COS[note 1] assurent fondamentalement les mêmes fonctions que les autres systèmes d exploitation, mais dans un contexte matériel où les limitations matérielles et les problématiques de… …   Wikipédia en Français

  • Keystroke logging — (often called keylogging) is a method of capturing and recording user keystrokes. The technique and name came from before the era of the graphical user interface; loggers nowadays would expect to capture mouse operations too. Keylogging can be… …   Wikipedia

  • Linux — This article is about operating systems that use the Linux kernel. For the kernel itself, see Linux kernel. For other uses, see Linux (disambiguation). Linux …   Wikipedia

  • Plan 9 from Bell Labs — Infobox OS name = Plan 9 from Bell Labs caption = Glenda, the Plan 9 Bunny developer = Bell Labs source model = Free software/Open source kernel type = Hybrid supported platforms = x86, MIPS, DEC Alpha, SPARC, PowerPC, ARM ui = rio / rc family =… …   Wikipedia

  • SecureLM — is a registered trademark for Secured Dimensions (a Microsoft subsidiary). SecureLM is a software package which has four solutions for software life cycle management. SecureLM uses Virtual Machines to obfuscate a program s source code making it… …   Wikipedia

  • Internet Explorer 8 — Windows Internet Explorer 8 A component of Microsoft Windows Internet Explorer 8 in Windows 7 …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”