Computer networks
Vadim Matkarimov, 2016-09-27 19:21:45

How to implement the protection of the application by its "hardware" and further authorization on the server?

The application connects to a partner's server to receive a large amount of data, which is then processed on the client side. Connecting to the partner's server requires authorization (login, password).
Task:
Secure the software so that it first connects to my server, and only after authorization on my server does the client connect to the partner.
I am planning a server on .NET Core infrastructure, running Debian. I am also considering Azure, but at this stage it is not necessary.
Goals:
- Secure the software;
- Make monetization more efficient, by monthly subscription;
- Check that the program is running on only one device;
- Binding to PC hardware must be implemented. At the first start, a unique key that is rigidly tied to the hardware is assigned to the corresponding login on my server. If the user has demo status and the demo account is launched on another PC, another key is saved on the server and assigned to that user, and the demo account still ends exactly on its expiration date. When a demo is re-registered and the software is run on a computer, this demo account is blacklisted and assigned to this user if the program has already been launched on this PC before and the previous demo account's time has expired.
This measure is necessary so that users cannot cheat the system by constantly registering new demo accounts, re-installing the OS or creating virtual machines. This is a good incentive to purchase/renew a paid subscription.
My server will also collect statistics on the client, but in the future.
--
Questions:

  1. How best to implement this task, understanding the fact that connection data to a partner server must be transmitted over the network, only after authorization on my server?
    We need a detailed answer, from people who have already implemented the tasks of such a plan. Perhaps you have a better solution than passing such data.
  2. Which connection is better to implement in this case, http or socket, please write links to interesting libraries for implementing socket connections (C#, .net), if any?
  3. How to transfer such data, encrypt it or not, what ready-made solutions exist, please write links to such solutions (C#, .net), if any?
  4. What ready-made solutions exist to obtain all the basic characteristics of PC hardware, processes, hard drive, video card, motherboard, etc., and then convert these characteristics into a unique key? I am interested in a library for the .NET platform, in C#.


2 answer(s)
MrDywar Pichugin, 2016-09-27
@Dywar

After all, you read the news: crack groups regularly post their work for new games and software.
.NET and C/C++/asm will be opened up in a couple of hours if desired.
Binding to hardware means calls with complaints: the HDD / CPU / motherboard was replaced and the program does not start. They will break it faster than you write it.
Do all important checks on the server; on the client everything will be broken if desired.
A login and password should be enough, or think of something else, but as popularity grows they will bypass it.
VM: VMware has settings; VM detection will work if you write it yourself or use a not too common method.
The client should not connect directly to the partner; they will find out the IP via wireshark/netstat/..., and you will be bypassed in this chain.
Encrypt the data via HTTPS; there will be no problems, the firewall will let it through.
Program installation flags on the PC are bypassed quickly: they take a snapshot of the PC state, install your software, remove it, and take one more snapshot. The two snapshots are compared and the installation flag is found. MS even has such a utility, I forgot the name.
If you want protection, use virtual machines (~VMProtect); medium or higher qualifications are needed to hack them.

Roman, 2016-09-28
@yarosroman

Create a three-tier structure and implement all the business logic on your server; the client is just for viewing. Take Diablo 3 as an example: everything is implemented on the Blizzard server, and the game itself only draws the data received from the server. As a result, no one cracked it; it makes no sense.
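
One way to keep the device binding, the demo expiry and the session check on the server, as both answers advise. This is an added example, not code from the thread; the class and member names, the 14-day demo length, the 5-minute token lifetime and the in-memory dictionaries are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;
public enum Decision { Allowed, SubscriptionExpired, DemoUsedOnDevice, OtherDeviceBound }
// Added example: names are hypothetical; dictionaries stand in for a database.
public sealed class LicenseGate
{
    private readonly Dictionary<string, string> _deviceByLogin = new();     // login -> device key
    private readonly Dictionary<string, DateTime> _demoEndByDevice = new(); // device key -> demo end
    private readonly byte[] _hmacKey = RandomNumberGenerator.GetBytes(32);  // stays on the server
    // Call after the password check passed; all times are DateTimeKind.Utc.
    // deviceKey is client-supplied: it only restricts access, it proves nothing.
    public Decision Authorize(string login, bool isDemo, DateTime paidUntilUtc,
                              string deviceKey, DateTime nowUtc, out string token)
    {
        token = "";
        if (_deviceByLogin.TryGetValue(login, out var bound) && bound != deviceKey)
            return Decision.OtherDeviceBound;               // one device per login
        if (isDemo)
        {
            // Demo clock is per device: a new demo login on a used-up device is refused.
            if (!_demoEndByDevice.TryGetValue(deviceKey, out var demoEnd))
                _demoEndByDevice[deviceKey] = demoEnd = nowUtc.AddDays(14); // assumed length
            if (nowUtc >= demoEnd) return Decision.DemoUsedOnDevice;
            paidUntilUtc = demoEnd;
        }
        else if (nowUtc >= paidUntilUtc) return Decision.SubscriptionExpired;
        _deviceByLogin[login] = deviceKey;                  // first start binds the device
        var exp = nowUtc.AddMinutes(5) < paidUntilUtc ? nowUtc.AddMinutes(5) : paidUntilUtc;
        var payload = $"{login}|{deviceKey}|{new DateTimeOffset(exp).ToUnixTimeSeconds()}";
        token = payload + "|" + Sign(payload);              // short-lived session token
        return Decision.Allowed;
    }
    // The server-side proxy to the partner checks this before relaying data,
    // so the partner login and password are never sent to the client.
    public bool IsTokenValid(string token, DateTime nowUtc)
    {
        int cut = token.LastIndexOf('|');
        if (cut < 0) return false;
        string payload = token[..cut], mac = token[(cut + 1)..];
        if (!CryptographicOperations.FixedTimeEquals(
                Encoding.UTF8.GetBytes(Sign(payload)), Encoding.UTF8.GetBytes(mac))) return false;
        long exp = long.Parse(payload[(payload.LastIndexOf('|') + 1)..]);
        return new DateTimeOffset(nowUtc).ToUnixTimeSeconds() < exp;
    }
    private string Sign(string payload) =>
        Convert.ToHexString(HMACSHA256.HashData(_hmacKey, Encoding.UTF8.GetBytes(payload)));
}
```

Because the device key is reported by the client, a changed or spoofed key looks like a new device, so this gate only limits casual reuse of demo accounts; the subscription and expiry decisions stay enforceable because they are made on the server.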
