Thread Subject:

Licensing your deployed GUIs

I am wondering what others have done for this. I haven't been able to find anything where people describe it, but I have been told by Matlab App Engineers that it is done.

What I wish to do is restrict who uses my deployed GUIs. I have written into the GUI a license check where it reads the computer's HDD serial and name and compares this to a license file, if they match the GUI runs, if not, it closes.

The first time the person runs the GUI they will get a prompt telling them to email me a certain file generated by the GUI. I run that file through my 'License Manager' which spits out another file I send that back to them and they copy this to their run directory.

So basically it is an activation process not unlike what is done for many softwares already.

The license file is encrypted and the decryption key and algorithm has to be hard coded into the GUI, but this should be OK since the deployed M file is itself encrypted. Right?

I am keen to hear what others are doing and what you think of this.

See you,
Tim

Tim Doyle wrote:
> I am wondering what others have done for this. I haven't been able to find anything where people describe it, but I have been told by Matlab App Engineers that it is done.
>
> What I wish to do is restrict who uses my deployed GUIs. I have written into the GUI a license check where it reads the computer's HDD serial and name and compares this to a license file, if they match the GUI runs, if not, it closes.
>
> The first time the person runs the GUI they will get a prompt telling them to email me a certain file generated by the GUI. I run that file through my 'License Manager' which spits out another file I send that back to them and they copy this to their run directory.
>
> So basically it is an activation process not unlike what is done for many softwares already.
>
> The license file is encrypted and the decryption key and algorithm has to be hard coded into the GUI, but this should be OK since the deployed M file is itself encrypted. Right?
>
> I am keen to hear what others are doing and what you think of this.

Firstly, I wouldn't call this 'licensing' at all. Licensing to me is
legal stuff that you agree with your users. What you described
is more on the copy-protection side of things.

Secondly, if what you've done works for you *and* your users (in
the sense that it does not annoy users too much) then it's okay.
But designing such a scheme is not so easy and may fail for some
users. That's why usually people are advised not to cook up their
own scheme but use existing ones (i.e. third party solutions).

markym <no@email.com> wrote in message <gg0q0l$5vn$1@news.oulu.fi>...
> Tim Doyle wrote:
<<SNIP>>

>
> Firstly, I wouldn't call this 'licensing' at all. Licensing to me is
> legal stuff that you agree with your users. What you described
> is more on the copy-protection side of things.
>
> Secondly, if what you've done works for you *and* your users (in
> the sense that it does not annoy users too much) then it's okay.
> But designing such a scheme is not so easy and may fail for some
> users. That's why usually people are advised not to cook up their
> own scheme but use existing ones (i.e. third party solutions).

Thanks for the info.

Any tip on which 3rd party solutions are typically used?

Tim.

"Tim Doyle" <tim@timdoyle.net.au> wrote in message <gg078u$mf2$1@fred.mathworks.com>...
> I am wondering what others have done for this. I haven't been able to find anything where people describe it, but I have been told by Matlab App Engineers that it is done.
>
> What I wish to do is restrict who uses my deployed GUIs. I have written into the GUI a license check where it reads the computer's HDD serial and name and compares this to a license file, if they match the GUI runs, if not, it closes.
>
> The first time the person runs the GUI they will get a prompt telling them to email me a certain file generated by the GUI. I run that file through my 'License Manager' which spits out another file I send that back to them and they copy this to their run directory.
>
> So basically it is an activation process not unlike what is done for many softwares already.
>
> The license file is encrypted and the decryption key and algorithm has to be hard coded into the GUI, but this should be OK since the deployed M file is itself encrypted. Right?
>
> I am keen to hear what others are doing and what you think of this.


If you ship p-coded m-files, you can node-lock them in this way. However, it's not difficult to spoof schemes like this if you find out how they work.

Tim Doyle wrote:
> markym <no@email.com> wrote in message <gg0q0l$5vn$1@news.oulu.fi>...
>> Tim Doyle wrote:
> <<SNIP>>
>
>> Firstly, I wouldn't call this 'licensing' at all. Licensing to me is
>> legal stuff that you agree with your users. What you described
>> is more on the copy-protection side of things.
>>
>> Secondly, if what you've done works for you *and* your users (in
>> the sense that it does not annoy users too much) then it's okay.
>> But designing such a scheme is not so easy and may fail for some
>> users. That's why usually people are advised not to cook up their
>> own scheme but use existing ones (i.e. third party solutions).
>
> Thanks for the info.
>
> Any tip on which 3rd party solutions are typically used?

Sorry, no. But I would think that there several alternatives
found via Google and people choose whatever fits their budget and
purpose.

"Tim Doyle" <tim@timdoyle.net.au> wrote in message <gg13ma$iuj$1@fred.mathworks.com>...
> markym <no@email.com> wrote in message <gg0q0l$5vn$1@news.oulu.fi>...
> > Tim Doyle wrote:
> <<SNIP>>
>
> >
> > Firstly, I wouldn't call this 'licensing' at all. Licensing to me is
> > legal stuff that you agree with your users. What you described
> > is more on the copy-protection side of things.
> >
> > Secondly, if what you've done works for you *and* your users (in
> > the sense that it does not annoy users too much) then it's okay.
> > But designing such a scheme is not so easy and may fail for some
> > users. That's why usually people are advised not to cook up their
> > own scheme but use existing ones (i.e. third party solutions).
>
> Thanks for the info.
>
> Any tip on which 3rd party solutions are typically used?

We have had success embedding FLEXlm calls in Matlab MEX files that connect to our own FLEXlm license server. Not a cheap solution by any measure, but if your company already ships a server for other reasons, it's worth using it to llicense ML applications.

"Steve Amphlett" <Firstname.Lastname@Where-I-Work.com> wrote in message <gg384a$n7c$1@fred.mathworks.com>...
> "Tim Doyle" <tim@timdoyle.net.au> wrote in message <gg13ma$iuj$1@fred.mathworks.com>...
> > markym <no@email.com> wrote in message <gg0q0l$5vn$1@news.oulu.fi>...
> > > Tim Doyle wrote:
> > <<SNIP>>
> >
> > >
> > > Firstly, I wouldn't call this 'licensing' at all. Licensing to me is
> > > legal stuff that you agree with your users. What you described
> > > is more on the copy-protection side of things.
> > >
> > > Secondly, if what you've done works for you *and* your users (in
> > > the sense that it does not annoy users too much) then it's okay.
> > > But designing such a scheme is not so easy and may fail for some
> > > users. That's why usually people are advised not to cook up their
> > > own scheme but use existing ones (i.e. third party solutions).
> >
> > Thanks for the info.
> >
> > Any tip on which 3rd party solutions are typically used?
>
> We have had success embedding FLEXlm calls in Matlab MEX files that connect to our own FLEXlm license server. Not a cheap solution by any measure, but if your company already ships a server for other reasons, it's worth using it to llicense ML applications.

Steve,

is it possible, you share some snippets of this MEX code to the community? I would like to do exactly what you described, but have no idea and experience with MEX files.
Or could you share some references to learn from it?
At least good to hear, this would work...

Best regards,
Johannes

"Tim Doyle" <tim@timdoyle.net.au> wrote in message <gg078u$mf2$1@fred.mathworks.com>...
> I am wondering what others have done for this. I haven't been able to find anything where people describe it, but I have been told by Matlab App Engineers that it is done.
>
> What I wish to do is restrict who uses my deployed GUIs. I have written into the GUI a license check where it reads the computer's HDD serial and name and compares this to a license file, if they match the GUI runs, if not, it closes.
>
> The first time the person runs the GUI they will get a prompt telling them to email me a certain file generated by the GUI. I run that file through my 'License Manager' which spits out another file I send that back to them and they copy this to their run directory.
>
> So basically it is an activation process not unlike what is done for many softwares already.
>
> The license file is encrypted and the decryption key and algorithm has to be hard coded into the GUI, but this should be OK since the deployed M file is itself encrypted. Right?
>
> I am keen to hear what others are doing and what you think of this.
>
> See you,
> Tim

Hello Tim (and others)

Your basic approach is sound. The trick, of course, is to make the copy protection robust enough to take into account the most common attacks (e.g. tweaking system time or HDD serial id) while retaining user-friendliness. It is a trade-off anyway; there is little you can do to stop the most determined cracker, so the task boils down to optimizing the protection scheme for revenue generated by the licensed users of your software.

As for third party applications, we have been developing a software suite (Taurus) which facilitates direct copy protection of MATLAB algorithms, GUIs and applications in the MATLAB workspace. Briefly stated, it allows the user to embed the copy protection functionality that you have described (and quite a bit more) automatically into any function m-file or GUI. It also facilitates transparent data file encryption/decryption, limited duration license keys, automated license requests via email etc. As the newer MATLAB Compilers can handle p-coded functions, the protected applications can be deployed to stand-alone ones, too.

We host a range of implementation examples and a free evaluation version of Taurus at http://www.algorithmprotection.com