For my degree final project I was assigned to make a generic licensing solution for offline software deliveries. I've name this project
One License as it is meant to be generic.
It is a module for a broader project which deals with auto deployment of machine learning models and makes APIs available in a marketplace.
The One Licensing solution allows you to license your offline softwares which can be either time bound or limited to number of API calls. It also has some fraud prevention mechanism but I won't say they are completely hack proof(duh!), instead it just more difficult/inefficient for the users to hack it.
One License Thin Client is software that prevent license misuse using different strategies. One of the ways to do fraud is running the licensed software on VM Clones. One License Thin Client prevents this by detecting VMs. The softwares are allowed to be used inside the VMs but the license validation request is first made to the Thin Client which runs on a real machine and this further makes call to the licensing server.
This project is still a work in progress the docs are not ready but you can still check it out.
- I built the server using NodeJS + TypeScript.
- Used ReactJS + TypeScript for the dashboard
- Used Python for the client library since it was an immediate requirement. Clients in more languages will come soon.
- For the thin client I'm planning Electron with obfuscation and binarization.
Well the most difficult part was the fraud prevention step. I brainstormed on various cases with a hacker mindset and then wrote cases for prevention. Since it is meant to be run on the client system, I can only make it difficult for the client to hack the software.