•
FEITIAN ROCKEY4 LM is based on high quality smart card chip. Unlike normal MCU chips, not only has this particular type of chip passed the common criteria for information technology security evaluation of EAL 4+, it has also gained IT SEC certification. Thus, the chip has strong ability of defending both electronic probing attacks (SPA &DPA) and physical attacks (Sishell). Also, it has perfect security-enabled design in hardware through techniques such as increasing additional noise signals, adding filter circuits and introducing special materials (E.g. sensitive to electron beams) to prevent any unintended executable scripts from running.
•
In order to ensure communication security and anti-data-interception, FEITIAN RLM system uses a combination of hardware-generated random number and hardware communication key created through challenge-response authentication method of HMAC-SHA-1 algorithm to encrypt datagram at dongle-computer communication level.
•
The software envelope tool of RLM system adopts many advanced techniques such as code obfuscation, anti-debugging, code replacement, filter driver and virtual machine protection etc. to safeguard software with a protection dongle. The aim is to make software and dongles so seamlessly bound that there is no way to run software without one. E.g. Software stops immediately with plug-off of the protection dongle. Thus, software will be constantly under the protection of RLM system.
•
RLM system uses AES – a high-strength encryption algorithm to protect data files. One encryption key can be assigned to one document, which is stored on the safety zone of a smart card chip, corresponding to an individual logon pass and a different set of authorization properties. A protected document can only be opened after its encryption key is retrieved and by providing the right logon pass and the correct set of authorization properties.
•
RLM system provides a secure software production and management solution based on RSA algorithm, aiming at helping software developers with software product development, software sales & distribution and remote licensing management.
•
The basis of ROCKEY4 LM dongle hardware is a high-performance smart card chip, which operates robustly with full functionalities. The dongle itself is a non-driver device to prevent unstable operations of device driver under different platforms, thus compatibility is largely enhanced. Many techniques are adopted in the design of the software encryption tool engine of RLM system to enable high performance of the protected software so that it is perfectly integrated with dongles and operates smoothly.
•
RLM system is designed to have a concise structure and to facility software developers to manage full software development process from software protection to licensing management. RLM system supports many license models and remote license update so it is never necessary to retrieve a dongle which has been distributed to the end-user. ROCKRY4 LM dongle with different capacity of onboard flash memory is also available in RLM system to facilitate delivery of the software. On one side, software developers can use the memory to store software when selling; on the other side, end-users can carry a single protection dongle to use the well-protected software anywhere.
RLM system is the most cost-effective solution for full-scale software protection. RLM system can safely protect many types of program such as WinPE, .NET and Flash etc. on many operating platforms like Windows, Linux and MAC in both 32-bit and 64-bit modes. Meanwhile, it provides plenty of software licensing and management models, e.g. trial period, expiration date, number of uses etc. More, RLM system in its license management console allows software developer to create a new and exchange an existing license remotely, which reduces necessity of dongle retrieving and exchange to the lowest level. Remote updating process is based on asymmetric RSA algorithm thus safety is guaranteed.
Data protection is an essential part of RLM solution. In RLM system, the definition of protecting software has been raised to a new level: RLM system protects not only software, but also the data files used by the software. As an important part, data protection of RLM system uses cryptographic algorithms like T-DES, AES etc. and the encryption key is protected by the smart card chip hardware, which means without a valid dongle, there is no way to decrypt the protected data file. As for software protection, RLM system protects both reading and writing of the software; as for data protection, RLM system can realize zero-trace data protection without administrator privilege under Windows platforms. Documents are individually protected by RLM system so each data file has its own set of authorization properties. This is to facilitate software developer who mainly distributes DVD movies, MP3 music and e-Books PDF files etc.
RLM system is a role-based software management system to facilitate software distribution process. The roles provided in RLM system include administrator, product manager, sales manager, production staff, maintainer and developer etc. Each role will be provided with its own key to authorize specifically designed operations in the system, e.g. Product manager is to define new products and/or new licenses; developer is to use shell protection tool to protect the software; sales manager is to input orders; production staff is to make end-user new dongles with licenses and maintainer is to remote updating license etc. Security management is ensured by RSA algorithm. The main purpose of the role-based design is to provide simple management architecture with definite roles. Therefore, software developers are freed from the burden of software distribution and maintenance thus can focus more on software developing.
FEITIAN RLM system has included both ROCKEY4 LM and StoreROCKEY4 LM dongles. ROCKEY4 LM is based on high-performance smart-card chip and supports full features of RLM system. ROCKEY4 LM protects both software and data files in a highly secure way. StoreROCKEY4 LM is an extended type of ROCKEY4 LM in the sense that it functions exactly the same as ROCKEY4 LM but with flash memory ranging from 2G to 8G. The storage is divided into two parts: the normal storage and the read-only storage. The read-only storage acts as a virtual CDROM drive on windows platform and software programs can execute directly on it. Read-only feature prevents software programs from deliberately modification or other threats like viruses. The read/write speed of the read-only storage can reach 15MB per second on average. With this exceptional performance, StoreROCKEY4 LM can carry the protected software in the read-only storage to provide a perfect distribution solution for software developer.
•
Based on high-performance smart card chip
•
Supports onboard 3DES, RSA, SHA-1 algorithms
•
Contains universal unique hardware ID (HID) and supports user-defined ID (Customer ID)
•
Encrypts communication against data interception
•
HID device, non-driver design
•
Provides hardware-based random number generator
•
Hardware implemented counter and timer units
•
Provides multiple administrative accounts
•
Provides 32 features that protected by individual password for log-in and log-off
•
Provides 1KB user memory space
•
Supports RSA-based remote management
•
Supports Windows system dated later than Windows 2000
•
High-performance Flash memory storage models available, capacity ranging from 2GB to 8GB (optional)
•
Compliant with CE and FCC standards
•
Provides ROCKEY License Management tool, a perfect solution for distribution, delivery and maintenance of software and its licenses
•
Provides an easy-to-use envelope tool to protect software with ROCKEY4 LM seamlessly. The tool is optimized for Windows platforms so that it works more stable and fast
•
Provides the most advanced .NET programs envelope tool to present full .NET programs protection support in advanced technique of code obfuscation; runtime decryption; user definable function level encryption and decryption; anti-debugging etc.
•
Provides a data encryption tool to protect read/write of data files: multiple types of data files are supported; no administrator privilege required; high-strength cryptographic algorithm employed
•
Provides optional high-performance memory storage onboard the dongle so that software programs can execute on the virtual drive to prevent deliberate modification or other threats like viruses. (optional, different sizes available)