如何将我的应用程序与特定硬件绑定?
我有一个 C# .NET 应用程序。该应用程序与硬件紧密耦合。想想 ATM 机、开车亭之类的东西。我希望我的应用程序能够确保它在我们的硬件上运行。我们最初的计划是使用 WMI 获取 CPU、操作系统、HD 或其他硬件的序列号,对其进行数字签名,并将该签名与软件一起发送。然后,应用程序将使用公钥来验证签名。有更好的方法吗?
更新 1
我们不需要加密狗或搭扣。系统之外没有任何东西。
I have a C# .NET app. This application is tightly coupled to a piece of hardware. Think ATM, drive up kiosk kinda thing. I want a way for my application to assure it is being run on our hardware. Our initial plan was to get the serial number of the CPU, OS, HD, or other hardware with WMI, digitally sign that, and ship that signature with the software. The application would then have the public key in it to verify the signature. Is there a better way to do this?
Update 1
We dont want a dongle or a hasp. Nothing external to the system.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
是的,您将拥有一个半安全系统。它可以防止在不同的硬件上运行。它还将阻止对该硬件进行某些形式的维护。
像往常一样,它不会阻止任何人反编译和更改您的软件。
Yes, you would have a semi-safe system. It can prevent running on different hardware. It will also prevent some forms of maintenance of that hardware.
It will, as usual, not prevent anyone from decompiling and changing your software.
我们通过签署 XML 文件来对软件许可执行类似的操作,尽管我们的文件不与任何硬件绑定。同样的概念也适用。效果很好。
您还需要使用某种混淆工具来保护您的 .NET 代码,我们使用 {smartassemble} 但还有其他几个。
请记住,无论您做什么,只要有足够的时间和资源,就有人可以绕过它。
这并不意味着您不应该保护您的知识产权,但在某个点上,您的回报会递减,并且会给您和您的客户带来更多的麻烦,这是值得的。
We do something similar for software licensing by signing an XML file, although ours isn't tied to any hardware. The same concept applies. It works well.
You will also need to protect your .NET code using some kind of obfuscation tool, we use {smartassembly} but there are several others out there.
Keep in mind that no matter what you do, given enough time and resources, someone can bypass it.
That doesn't mean you should not protect your intellectual property, but there is a point where you get diminishing returns and cause more trouble to you and your customers that it's worth.