C
The licenses for SaaS applications are created in the same this scenario and protect your rights as the developer of the
manner that is used for on-premise licenses; they only differ software. You have several options at your disposal:
L
O
U
D
in the binding scheme, using CodeMeter Cloud Lite in the
place of CodeMeter SmartBind or CmDongles. A license is
created and assigned to a user in a process that does not
differ from the activation of a local license – you can even
combine both forms. You can integrate your user admin
processes with Single-Sign-On solutions like OAuth2 or
SAML.
Authentication for SaaS Applications
On top of its comprehensive licensing and powerful software
protection capabilities, CodeMeter comes equipped with a
third star trait: The private keys used for authentication can
be stored securely on a CmDongle or a computer-bound
CmActLicense. This makes CodeMeter the right choice for
user authentication in SaaS scenarios.
The solution can be integrated via the CodeMeter API,
specifically when you supply your users with a dedicated
local application that works in tandem with a SaaS
application in the cloud. The SaaS software creates a
challenge that the local application responds to by signing it
with the private key kept in the local license. Up in the cloud,
the SaaS application uses the public key to verify the identity
of the user, with the users’ identities managed and recorded
in the cloud according to your specific needs.
For browser applications, client certificates have established
themselves as the standard solution. A middleware is used
to transfer standard x.509 certificates on a CmDongle.
Two standardized interfaces (PKCS#11 and Microsoft
CSP) are available for applications like Internet Explorer,
Firefox, Chrome, Safari, Outlook, or VPN clients to use these
certificates.
Standard Applications in Private
Clouds
Imagine the scenario: You have created a standard desktop
application that needs a lot of computing power. In such
cases, your users might be thinking about moving the
application to their own private clouds.
A private cloud would typically be a farm of virtual machines
operated in a company’s own data center or at a specialized
provider on other hardware known neither to you nor to
the user. It might not even have USB interfaces to connect
to. Again, CodeMeter has the capabilities needed to handle
1. USBoverEthernet: Your user is given a license in the
form of a CmDongle. Common USBoverEthernet
products can now be used to connect that CmDongle
to the virtual machine in question – many data centers
have this technology as standard practice. You do not
have to make any changes to your software or to your
established distribution methods.
2. Network Server: Your user operates a network server
in the data center. CodeMeter offers a special lean
CodeMeter Runtime for such servers, designed to
operate even on Raspberry Pis The CmDongle is hooked
up by USB to that server. Your software only has to
support the CodeMeter networking protocol (CmLAN),
which implies only a minor change in the configurations
for your software. You still deliver your software in the
standard manner.
3. Server in der Cloud: A CmWAN server can be operated
by you directly or by your users. The licenses can then be
kept in the LAN, WLAN, or the cloud, using CmDongles
or CmActLicenses on the CmWAN server. As with the
network server, your software needs to support the
right protocols, and the distribution processes still
remain unchanged.
4. SmartBind with VM Move: You create a SmartBind
license with a “loose” level of tolerance. This makes
sure that the license remains intact when the virtual
machine it is kept on is relocated in the cloud. It would
be invalidated when the virtual machine is copied.
Alternatively, you could define the machine SID as the
binding property. You do not need to change anything
in how you integrate the system in your application; all
you need to do is create special licenses for the users
who will run your software in their private clouds.
5. Licensing with CodeMeter Cloud Lite: You can leave
the licensing of your software to CodeMeter Cloud
Lite. Your application would be given a Protection Only
license to prevent reverse engineering and regularly
check the Wibu cloud to see whether the license is still
valid or whether it is being used elsewhere. This type of
licensing requires some changes to your software and
a permanent Internet connection between the user’s
private cloud and the Wibu cloud. The creation of the
license itself is not made more difficult: all it needs
is the addition of CodeMeter Cloud Lite as another
binding property.
17