L I C E N S I N G
CodeMeter SmartBind
& Microsoft Azure
Virtual environments make it difficult for acti-
vation-based licenses to be securely bound to
the machines they are meant for. The properties
that would normally be used as a fingerprint of
the target system are often generic in virtual
machines, and a change to these properties
(often happening in bulk in data centers) has
the potential to break an entire collection of
licenses in one fell swoop. Wibu-Systems has
worked with Microsoft to develop a much
better approach for virtual systems running in
Microsoft Azure.
CmActLicenses are activation-based licenses
that need no separate hardware, as they employ
a signed and encrypted license file. The unique
encryption technology allows the license file
to contain symmetric and asymmetric keys on
the user’s computer itself, which can then be
used for the various cryptographic operations
happening in CodeMeter.
CodeMeter SmartBind is Wibu-Systems’
patented solution for binding CmActLicenses
to their target devices. CodeMeter SmartBind
creates a fingerprint of the user’s computer
by referencing different traits and properties,
each with their own specific weighting, like
the hard drive, motherboard, or CPU. A special
and similarly patented tolerance mechanism
makes sure that the CmActLicenses and the
keys stored in them remain valid even if the user
replaces parts of their computer’s hardware. The
fingerprint evolves automatically to match the
environment and operating system preferred
by the user.
Creating such a unique and uncopiable finger-
print for binding licenses to virtual machines
still remains a tough proposition. After all,
freedom and flexibility to experiment with
simulated hardware properties is part of the
raison d’être of virtualization. Wibu-Systems
has continued to refine the inner workings of
CodeMeter SmartBind to enable strong binding
for CmActLicense even in virtual environments.
Teaming up with Microsoft in a project for a
shared client offered important new insights.
Microsoft Azure data centers have the oppor-
tunity to use a web service to access certain
parameters of the Azure environment. For
the project, a volume license for the client
was given a custom binding by reading out
the licensing details of Microsoft Azure itself.
This makes the same binding work for all
installations of the client’s software operated
under the same subscription in the Microsoft
Azure environment.
remains intact even if the virtual machine’s
properties are changed. The system would
recognize a cloned machine (or, more precisely,
the integration of a new disk image in a virtual
machine), and the license would be broken.
The new recipe for fingerprints using the
special Microsoft Azure ID is employed for
all CmActLicenses on Windows systems first
created with CodeMeter Version 6.90 or later.
All CmActLicenses created by earlier versions
of CodeMeter 6.90 continue to use the esta-
blished format. In order to benefit from the
new system’s advantages, the CmActLicenses
would have to be replaced; to do so, the acti-
vated licenses could be returned to CodeMeter
License Central, the empty CmContainers
deleted, and new licenses activated.
The next version of CodeMeter is expected
to bring the new type of fingerprint to Linux
systems in Microsoft Azure upon its release in
December 2019.
This solution makes CodeMeter SmartBind more
robust than ever before and safe from misuse
and manipulation in Microsoft Azure.
To bind licenses directly and individually to
virtual machines, Windows systems operating
in Microsoft Azure now use a separate ID
provided there. This ensures that the binding
3