3 Replies Latest reply on Feb 5, 2015 2:06 PM by philmodjunk

    Mechanism for Periodic Reauthorization to FM Solution



      Mechanism for Periodic Reauthorization to FM Solution


      I understand that fool-proof digital security is virtually impossible (witness the crazy hacking in every manner of corporate and government network systems).  Nevertheless, I still want to incorporate some security features in my solutions to keep the honest, honest...

      In order to maintain some level of control over the unauthorized distribution of solutions I will soon deploy, I wish to:

      1. Force the intended new user (school teachers) to initially input their name and school in a one-time entry, then prominently reflect that information on each main screen layout and on all output, reports, etc.
      3. Incorporate a mechanism whereby an author-provided key grants the intended user access to the solution for a year.  At the end of that year, the solution locks them out and prevents reactivation without input of a subsequent author-provided key.


      Item 1 is relatively easy to do so I have no questions there.  Item 2, it would seem, has a much higher complexity level.  Can anyone point me to posts where this sort of thing is discussed?  I read about someone doing this a couple of years ago but can't seem to find it now that I want to use it.

      Thank You

        • 1. Re: Mechanism for Periodic Reauthorization to FM Solution

          For 2. I would experiment with a "key" that encrypts the year into the value of the key. The code that checks to see if the year authorized by the year would decrypt the year from the key and compare it to the system clock's year (or possibly a year captured from a web site...) to determine if the key has expired. By encrypting a value for the year into the key, users can't save an unlicensed copy of your solution and just license the copy to start using it for the new year. This approach might not be needed if, by the end of 1 year, your system contains a great deal of data that the user will need for the new year...

          • 2. Re: Mechanism for Periodic Reauthorization to FM Solution

            Thanks for the reply, Phil.

            Two questions:

            1. I understand that encryption functionality is now incorporated in FMPA 13.  It seems that this functionality secures the file itself, whether traveling over the network, web, or on a client machine, and not related to the encryption of data in one particular field.  I take it you are not referring to this FM encryption feature but some other encryption function.  If so, which?
            3. I see how your description of employing an encrypted key would prevent the user from simply duplicating the file and starting a new year but I'm not sure I understand how the author fits into reauthorizing use of the solution from year to year.


            The particular solution I am referring to in this instance is a stand-alone classroom timer that has been tailored to meet the precise needs of a group of teachers.  We are allowing this group to use the timer in their classrooms free of any charge but we want to take steps to prevent the solution from propagating unauthorized out into the untamed world…

            Thanks again for your advice.

            • 3. Re: Mechanism for Periodic Reauthorization to FM Solution

              1. Correct and I didn't specify a specific encryption option as I do not have a specific one to recommend. I think you might find one as a custom function on one of the custom function web sites and there should be a few plug ins that offer different encryption options you might research. Or you might "roll your own", though the resulting encryption is then more of a "scramble" and while less secure as a result may be secure enough to server your purposes. Here's a rough outline of an approach that you might try:

              In a database set up to register each customer and generate their license keys, use Get ( UUID ) to generate a long ID code with many characters. Take the two digits for the year and perform a calculation on it such as Right ( Year ; 2 ) ^ 2 to produce the value of 225. Insert the 3 digits of this value into three different parts of the UUID string to "hide" them inside the code. So if your UUID was AB34p98723, the result might be: A5B34p2987223. Your software can extract these digits, assemble them into the correct order and take the square root to get the original value. Each time a user renews, issue them a completely new License key based on a new UUID so that they can't just inspect the first and second license keys in order to figure out how to produce a key to use to get their third year free. (And there are a lot of more complex max functions than simply squaring the value that you might use here...)