Understanding Program Security Techniques With Fingerprinting Techniques

Use of a watermark on the delivery medium such that it turns really hard to multiply that mark into an illegal copy is a popular manner of bringing in a security system against piracy for digital media. Confirmation code verifies - at runtime - if the software is being run from the primary delivery medium, or not. If such a mark is defective or can not be detected, the program's carrying out is ended. Correspondent methods were also researched for binaries security, it is the so-called software protection by watermarking.

Establishments such as the Business Software Alliance watch corporations for practicing reversed programs. Unfortunately, their inspects do not identify the single software cracker nor the unscrupulous programmer. Perhaps this is a component of the solution why somebodies keep being charmed by copyright infringement!

Copyright violation is not a modest problem in the software industry. The legitimate bearer of the copyright often differs from the factual programmer of the product. Also, methods - e.g. watermarking - imposing the use of a software corresponding to the correspondent license terms are imperative because such measures are associated to resolving the doubts of online trading.

Vendors watermark a software by implementing unique identifiers. It maintains property rights to the legitimate proprietor. But, this processing can as well serve to hunt down the pirate after the illicit act. Therefore, software watermarking scares the pirate from copyright infringement by raising the possibility of getting captivated. All matters placed together, it does not inevitably forestall piracy.

It should be mentioned watermarking is not a painless method, sooner the contrary. Most other present anti reversing techniques are simple to apply though their strength in preventing reversing is frequently problematic. Nowadays, numerous programs are distributed in formats which are uncomplicated to pirate. Java Bytecode and Microsoft Intermediate Language are such formats. These formats make that the pirate can easily decompile or examine the source code under disassembler and/or debugger. Next, it gets almost too elementary to locate and get rid of all remains of the method. And this even includes the case of watermarking.

Software watermarking embeds a unique identifier in the software data. This activity is comparable to the techniques practiced in digital media watermarking. A unique identifier is embedded into the data from video, audio or images so that it can be recovered for intentions of validation of origin. The difference is that the implementing must be accomplished without corrupting the software data.

Indeed, overwriting reasonable amounts of information does not determine digital media in a fashion that it turns perceptive to people. Software watermarking though, needs watermarking without spoiling the natural workflow of the software. Apparently, this requires particular proficiencies.

To establish original ownership of a software, the programmer implants a copyright notice. To exemplify, suppose company A steals a private application from company B intending to decrement the production time for the own business. Now, company B evidences piracy committed by company A if company B can establish that company A's software holds their copyright notice.

Remark though that this type of watermark evidences only that company A was employing the stolen secret, it does not bring validation about who has effectively cracked the program! Perhaps company A had no unacceptable purposes at all? Perhaps company A has bought the stolen code somewhere? This is where the fingerprint comes in play, its unique identifier can establish a software - or a part of a software - was stolen as well as link it to the committing party.

Static and dynamic are identifying the watermarking algorithms based on their characteristics of working. Static watermarking algorithms only make use of the structures of a software like available on disk while dynamic watermarking algorithms execute, validate and extract the watermark based on data accumulated during the carrying out of the software.

There are three distinguishable dynamic techniques: easter egg, data structure and execution trace watermarks. To determine which one is securer, much of the actual research is aimed at the analysis of static versus every of the three dynamic algorithms . More research in this matter is required though studies describe no clear advantage for either.

Therefore, the solidest protection by watermarking is provided if both - a watermark and a fingerprint - are embedded in the software. The author of the software embeds a fingerprint with particular information from the purchaser when he sells a copy of his software. But first, he has embedded a general watermark holding his own information to prove his authorship. The proof is then total!

It still exists manners of circumventing such protection schemes, despite the protection mechanisms cited. A software pirate can either copy the watermark or get rid of the verification code to circumvent a protection system. This is achieved through reverse engineering the program. The illicit purpose is disclosing the verification code and its working together with the remaining code.

The watermark verification code is dismantled or even totally removed on victorious reversing. A reversed copy does no more need to carry the mark since the software doesn't check for its presence any longer. Still, if watermarking is employed in alignment with supplementary protection proficiencies, then the protection degree reaches a really superior level.

By: Jose Sogiros

Article Directory: http://www.articledashboard.com

In his job as researcher, J. Sogiros covers inquiries identical to "How to protect my software against cracking?". Read further about his job and concerns at software security measures.