Recently, Beijing Senselock Software Technology Co., Ltd. has successfully passed the surveillance and audit from ISO9001:2008, one of the core standards for Quality Management System set up by International Standardization Organization, which reveals a good start for the company in 2012.
After recognized for the first time in 2005, Senselock accepted surveillance and audit under ISO9001:2008 this time aiming to maintain the sustainability of its Quality Management System and make sure the company’s vision is undergoing and its system’s operation is valid.
With a wide range of standards from the company’s software copyright protection system, design of net safety system to its production and service, the surveillance and assessment contains many aspects including quality management strategy, resources management and self-improvement. Detailed scrutiny has been executed on processes and evidences of aspects mentioned above.
Auditing experts inspected R&D Department, Production Line and Management Department of Senselock and communicated with its general manager as well as department’s mid-level managers. Concepts of the company on management and production have been well-acknowledged by professors that Senselock holds a comprehensive and exhaustive understanding in these two areas where the company has achieved greatly to prove its advantages. To maintain the sustainable operation of its Quality Management System, the headquarter and its branches execute layer-analysis, which demands specific measurements corresponding to various levels and layers. It is the pursuit of high quality and the promise of lifetime improvement that takes control of Senselock’s Quality Management System. In addition, serious criteria for R&D, production, the complete deployment of resources enables Senselock to offer qualified software protection products for clients.
As the world's most common recognized international standards, its acknowledgement from ISO provides an extensive and profound impact that the owner has a good quality, a high credibility and an international reputation. Senselock has been acting out such powerful enterprise strength to prove its ability to hold the qualification of Quality Management System in the field of software protection.
2011年12月5日星期一
2011年11月17日星期四
A New Breakthrough in Software Protection
To set up the expiration dates of licenses, a reliable data source is essential for securing the accuracy of time in case malicious users distort in the OS. And it gives an extraordinary importance to the independent clock devices like EL Rtc, for it has no validating communication between the dongle and computer that guarantees the time is unchangeable from outside. However, the battery life determines that no eternal solution for those software users require sustention longer.
After thousands of experiment, engineers of Senselock made a breakthrough on power usage from different kinds of rechargeable sources and successfully applied on the new model of real-time clock device, EL Rtcc. Its last digit stands for abbreviation of “Chargeable”. The hotspot of EL Rtcc is to support accuracy of clock over min 5 years without plugging in a running computer that defeat most of current similar products in the market at present.
EL Rtcc, has the same technical performance as EL Rtc and a unique attribute which could be repeatedly charged & discharged. For EL Rtcc adopts internal LDO power-supply management. When connecting EL Rtcc with computer, its internal power-supply management automatically switches over to external power-supply, which charges the battery simultaneously. Get to know EL Rtcc.
2011年11月4日星期五
Structure of WinCE Stream Driver
WinCE stream driver specifies a sort of drivers, that IO according to the mode of stream. In fact, only the driver interfaces are alike stream operations. For instance, stream operation has the following interfaces: CreateFile, ReadFile, WriteFile, seek. And for WinCE:
| Xxx_init |
| Xxx_open |
| Xxx_read |
| Xxx_write |
| Xxx_seek |
| Xxx_iocontrol |
| Xxx_close |
For WinCE driver that already has the above interfaces, while using CreateFile (“XXX1:”) to open the device handle or WriteFile() to send data to device or ReadFile() to read out from device, the operating system will automatically invoke the responding interfaces from the driver.
| CreateFile("xxx1:") -> xxx_open |
| WriteFile() -> xxx_write |
| ReadFile() -> xxx_read |
2011年10月8日星期六
Build Low-risk Software Rental & Sales – Real-time Dongle
Demands
The conventional sales model of software has been evolving gradually as the competition is getting intense. According to the forecast from industrial experts, one-off authorization sales will be replaced by the membership which will be charged in times and tries. If the software vendors can seize and utilize the trends, they will be rewarded greater advantages with close-to-user, lower-user-risk sales strategy.
Solution
Embedded real-time dongle can easily build a new model for software vendors that supports installment sales and rental. By choosing such a solution, it dramatically decrease the purchasing (trial) risk of end users. In addition to empower the competitiveness, no extra risks of damaging interests will come upon software vendors.
It is achieved by accurate time limitation and network middleware. When a license is expired, the device will self-lock automatically. Once the receivables is confirmed, the software vendor can use the network middleware to implement remote authorization on target devices.
Case
In China, some software vendors have managed to deploy such sales model and modified the distribution into direct sales. YuanYang Tech, Co. Inc. use our solution to make it work in business. After the deployment, end users only need to pay hundreds to get license worth thousands, only with using time restricted. It increase the market share of such software in comparison with other competitors.
Answer
Elite EL RTC is the key to make it true. Click here to get more…
The conventional sales model of software has been evolving gradually as the competition is getting intense. According to the forecast from industrial experts, one-off authorization sales will be replaced by the membership which will be charged in times and tries. If the software vendors can seize and utilize the trends, they will be rewarded greater advantages with close-to-user, lower-user-risk sales strategy.
Solution
Embedded real-time dongle can easily build a new model for software vendors that supports installment sales and rental. By choosing such a solution, it dramatically decrease the purchasing (trial) risk of end users. In addition to empower the competitiveness, no extra risks of damaging interests will come upon software vendors.
It is achieved by accurate time limitation and network middleware. When a license is expired, the device will self-lock automatically. Once the receivables is confirmed, the software vendor can use the network middleware to implement remote authorization on target devices.
Case
In China, some software vendors have managed to deploy such sales model and modified the distribution into direct sales. YuanYang Tech, Co. Inc. use our solution to make it work in business. After the deployment, end users only need to pay hundreds to get license worth thousands, only with using time restricted. It increase the market share of such software in comparison with other competitors.
Answer
Elite EL RTC is the key to make it true. Click here to get more…
2011年8月25日星期四
2011 Concours Lepine Innovation - EL Genii Awarded Big
Paris, France - May 9, 2011 –EL Genii, the smallest software protection dongle that, with Code-Port technology, was awarded the 3rd prize at a glittering ceremony under the patronage of Mr. Nicolas Sarkozy, President of the France Republic.For preparation of this great expo, Senselock assigned two important figures to join; the R&D Manager and International Business Manager. The former made a great impression of Juries with an easy demo to give a full image that how EL Genii could achieve extremely high-secured mission of software protection and fit in such a tiny space, 2.8g in weight and coin-sized.
Code Port is an evolutionary technique of transferring key codes of protected software to a dongle under secure communication. When a corresponding dongle is plugged, the protected application will call specific API functions to run key codes and data stored in the dongle and return legal results, so as to complete the full operation of the protected application. As those code and data stored in the dongle do not have copies at the PC end, malicious crackers are unable to get algorithms or data by physical interception. In a word, Elite EL provides a reliable solution to shield software developers from financial loss caused by pirating activities.
The award was not only a pre-expected result for Senselock, but also the payoff of hard work and long term research and development by Product and R&D Departments.
Since the first launch in 2010, EL Genii have reached a great achievement on protecting software on blade servers and laptops. Its sales figure was built by customer satisfaction domestically and overseas. Senselock is looking forward to winning more market share for its superb slimness to offer the most cost-effective software protection solution for software venders.
How does it work?
Code Port Technology
It is essential to introduce the Code Port technology by the following diagram:
Code Port is an evolutionary technique of transferring key codes of protected software to a dongle under secure communication. When a corresponding dongle is plugged, the protected application will call specific API functions to run key codes and data stored in the dongle and return legal results, so as to complete the full operation of the protected application. As those code and data stored in the dongle do not have copies at the PC end, malicious crackers are unable to get algorithms or data by physical interception. In a word, Elite EL provides a reliable solution to shield software developers from financial loss caused by pirating activities.
Availibility
EL Genii has two versions of memory size 32K/64K. You could ask for quotation from our representatives or headquarters directly. www.senselock.com About the Concours Lépine The Concours Lépine, established in 1901, is now recognized worldwide as a leading force in the development of new technologies. The Concours Lépine allows inventors to promote their inventions and to establish links between inventors and official bodies.2011年8月24日星期三
The Relevance between EAL and Software Protection Dongle
EAL stands for evaluation assurance level and is a certificate of security for IT products measured against a set of common criteria portal.
How does a product get EAL certified?
It is assessed against a set of common criteria by an approved agency. The developer of the system produces a security target (ST) document containing a list of features to be assessed. The ST is based on the criteria here. The process is long and expensive, according to wikipedia vendors were spending $1 - $2.5million to gain EAL4 certification in the 1990s.What is required to meet the various levels?
The EAL process is broken down to cover the following aspects of a system: Development, documentation, life-cycle support, security target evaluation, testing, vulnerability assessment.Each EAL level goes into slightly more detail, for example the "development" area at EAL1 requires a basic functional specification to be provided by the developer. EAL2 requires that same functional specification but expanded to include details of security enforcement. It also requires a security architecture description and a basic design.
An EAL4 certificate does indicate that the product was developed following good practices and has a well defined and documented architecture. These are clearly good things in terms of stability and security.
How about EAL 5+ chip used in software dongle?
The security of the smart card chip is actually guaranteed by the semiconductor manufacturers. Generally speaking, chips produced by manufacturers with greater strength are more reliable. Regardless of the varieties of chips, the most possible attacks these chips will encounter mainly include the following:- Electronic attack (for instance, SPA and DPA);
- Probe attack (for example, SiShell);
- Dissection of chip;
- Debug port.
Method of probe attack: make direct data access to and from memory or data bus through the connection of microprobe with the key parts inside the chip.
Dissection of chip: obtain the chip’s circuit logic and connection status through the use of scanning electron microscope and exert reverse engineering to the chip.
Debug port: directly read out the key information by activating the debug port of manufacturers.
To protect the indongle data from the above mentioned cracking methods, the wise option is to choose high ranking dongle device in EAL. So far, only Senselock produces the software protection dongle based on EAL 5+ chip which is NXP (Former is Philips) 16-bit smart card.
Is it worth buying EAL5+ products?
For companies that only has low priced software products, I would say the best solution is to use common single chip dongle or regular enveloper protection instead of spending too much on high-level dongle protection.If your software is quite profitable to crackers, and once being pirated, the loss could be unbearable, then you do not have further option but choose the higher secured dongle in EAL.
After all the copyrights and source codes are the most valuable assets to the software company, not bunch of desktops and laptops.
订阅:
博文 (Atom)