To top
Wibu Middleware Wibu Middleware

Access Protection


Why Do You Need Access Protection?

Many secure websites are protected only by a password, which can easily be shared to provide unauthorized access to many people. Some websites bind the access control to a particular PC, which requires each “new” PC the user wants to use to be authorized. This can improve security but also create challenges to mobile workers.

Whether you’re protecting a SaaS application or just have sensitive information on an internal or external website, CodeMeter Identity from Wibu-Systems USA will help make sure only authorized users have access.

CodeMeter Identity extends the power of hardware-based license management and anti-piracy protection to the access of websites; while giving you the choice of using Host-ID machine binding. CodeMeter Identity is the right product if:

  • You have a website and want to protect the access to this website to specific users (eg., Software as a Service (SaaS)).
  • You run software as a service at a website and want to restrict the access to this website to your customers.

The website can run in the Internet, in the Intranet of a customer, or within your own local Intranet.

How Does CodeMeter Access Protection Work?

CodeMeter Identity uses a CmDongle or CmAct license in a CmContainer as an authentication token to allow access to a website. Either symmetric or asymmetric key encryption is used to verify that the user is allowed access to the website

In the case of symmetric key encryption, both the CmContainer and the web server share the same key. Rather than send the key via the Internet to authenticate the user, the web server sends a random string to the CmContainer which in turn encrypts the string. The encrypted cypher text is then compared by the web server to the result it gets when it performs the same encryption. Only if the CmContainer and the web server have the same key will the cypher text be the same.

If you choose to use asymmetric encryption (also known as public key infrastructure, or PKI), you can use either elliptic curve or RSA encryption methods. With either system, a communication between the web server and the CmContainer compares a random string encrypted with a secret key (on the hardware device) with a decryption via the public key (on the web server).

There are advantages and disadvantages to both symmetric and asymmetric key encryption schemas. Please contact Wibu-Systems USA for assistance in choosing which method works best for your requirements.