Anti-Tampering Measures

There is an inherent problem in creating a common API for software licensing. Specifically, a well-known API broadens the opportunity for creating an imposture license system (i.e., a substitute license system which masquerades as the real one). In theory, the imposture license system would grant all license requests, without any regard for the actual licenses. To avoid this, counter-measures are included in the API design to reduce this risk. The measures are not guaranteed to be tamperproof, but they are designed to deter license system tampering, and reveal when tampering does occur.. These measures include features to:

Prevent the license system from being compromised through substitution of an imposture license system (e.g., one which always grants all license requests).

Prevent the license system from being compromised through multiple patches (i.e., there is no set of patches which defeat the license system for all applications).

Help prevent, through a set of guidelines, any single application's license verification subsystem from being defeated by any single patch.

Require an obvious and intentional effort to defeat for each application.

Much of the anti-tampering is accomplished by the inclusion of a challenge/response mechanism in the API calls. This mechanism provides a reasonably reliable way to obtain end-to-end verification that the license system knows some secret which the application knows. In any circumstance, given enough time, the more persistent intruder can find a way to defeat any licensing system -- but only on a per application basis. The design of the API requires an explicit effort for each application in which the license mechanism is to be defeated.