WIBU-SYSTEMS
354
WIBU-SYSTEMS
354

Enforcing Licensing in Virtual Environments

MarketingWIBU-SYSTEMS AG on February 26, 2021 at 7:23 PM

Virtualization is now in widespread use amongst the IT community and ISVs need to consider the ramifications of virtual machines on software licensing. Simply defined, a virtual machine is hardware, simulated on a host computer. This virtual hardware runs a complete (guest or child) operating system, while severely restricting its ability to interact with the real environment around it. All guest systems and the host share the same physical hardware, but without immediate access allowed to the guest systems. They see a simulated – virtual – machine, which can be saved and recovered with considerable ease.

Applications of virtualization in enterprise networks in the early 2000’s typically involved resource sharing, essentially splitting a single server into separate servers, each one utilizing a fraction of the CPU, storage, and other resources. With the addition of hypervisor control software, modern-day virtualization goes well beyond resource sharing and can involve data, desktops, servers, operating systems, and network functions. Today, there are several types of virtual environments that are being employed:

  • Virtual Machines on a local computer: This scenario is typically used for QA and testing purposes, as evaluation can be performed on a consistent, well-defined operating system.
  • Virtual Machines on a server: This approach is geared towards ensuring high availability, as it is very easy to move an entire environment from one system to another. The environment is independent of the hardware layer, ensuring high availability despite any hardware issues.
  • Virtual Machines in the cloud (AWS and Azure): With the growing popularity of Amazon Web Services (AWS) and Microsoft Azure, virtualization in a cloud environment adds even more benefits. Beyond the savings in hardware, operating costs and efficiencies, cloud virtualization is cost effective, as users only pay for what they use, and it is very easy to scale performance and the number of virtual machines on-demand.
  • OS-level virtualization: Environments like Docker Containers are very popular to simplify the deployment of applications. A ready-to-use image is deployed, including all needed dependencies for the application. Such environments limit the access to local available resources. Contrary to a complete virtual machine, in OS-level virtualization parts of the OS kernel are shared between Host and all Containers.

While IT readily leverages the benefits of virtualization, it’s a different story for ISVs as the technology adds another layer of challenges for not only software licensing, but software protection as well. New threats appear and some existing threats are increased. Let’s look at new and increased threats and risks presented in a virtual environment:

  • Copying and duplicating a license on another machine: If the licensing relies on hardware properties, which don't change during a copy or clone process, a license could be duplicated multiple times.
  • Resetting licenses: If the licensing does detect a time warp of the virtual machine, licenses can be reset to an earlier state. This is a high risk, especially if time-based or usage-based licenses are used. But also, if re-hosting of licenses is allowed, this could be used to duplicate a license. In this scenario, (1) a license gets activated on a first machine, (2) a snapshot is taken of this first machine, (3) the license gets deactivated, (4) the license gets activated on another machine, and (5) the first machine is reset to the snapshot with the activated license. Now the license is available at both machines.
  • Increasing floating network licensesIf the licensing does not distinguish between different virtual machines at the same computer, two instances of a running application could be counted as one, resulting in an illegal over-usage of the licenses.
  • Avoiding license locking: A strong feature of copy protection systems is the locking of the license if a crack attempt is detected. Like the threat of resetting licenses, an undetected time warp created by resetting the virtual machine to an earlier snapshot, would reduce the security of the license locking mechanism.

Fortunately, there are countermeasures that ISVs can employ to control licensing and protect software in virtual environments just like in conventional hardware. With Wibu-Systems’ CodeMeter protection and licensing platform, ISVs have the tools and methods needed to safeguard IP, no matter which virtual environment configuration is in use. Software-based CmActLicenses use mechanisms that take into account virtualization. Time warps are detected and licenses are invalidated in this case. Special fingerprinting for Microsoft Azure and AWS allow reliable and secure binding to one instance of a virtual machine. Alternatively, CmCloudContainers can be used to control licenses at the CodeMeter Cloud Server of Wibu-Systems. You can learn more about CodeMeter in Virtual Environments in a white paper, or hear from our experts directly in a prerecorded webinar, Real Licenses in Virtual Environments.

Login or register now and enjoy all the benefits of a community!

To get the whole functionality of IndustryArena Forum you need to login or register. This process is absolutely free.

Password forgotten?
Contact request
Guest Photo
Your message
The controller within the meaning of Art. 4(7) GDPR is: IndustryArena GmbH, Schneiderstr. 6, 40764 Langenfeld, Germany.
You may reach our data protection officer under [email protected].

Purpose of processing
We process your personal data concerning the use of the contact form and the communication with the company of the newsroom as well as the transmission of your data to this company in accordance to Art. 6 (1a) GDPR. This constitutes a legitimate interest for us in accordance to Art. 6 (1f) GDPR.

Recipient of the data
Within our organization, those units gain access to your data, which are necessary to fulfil the above purposes.
Personal data will only be transmitted to third parties if this is necessary for the aforementioned purposes or if another legal basis exists. If necessary, we conclude the corresponding data protection agreements with third parties, in particular pursuant to Art. 28 GDPR.

Data storing
Your data will be transmitted to the company of the newsroom for further processing. The period of storing is the duration of the processing of your request by the respective company.

Select contact person

Newsroom Logo

Design options

  • Title text color:
  • Content background:
  • Content text color:
  • Navigation background:
  • Tab text color:
  • Active tab text color:
  • Link text color:
  • Active link text color:
  • Background image Background color:

    How do you want to position the background-image?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the background image

  • Banner

    How do you like to align the banner?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the banner

  • Skyscraper

    Set the link for the skyscraper

Please note:

Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.