Java-Based Software Products Are Vulnerable to Attack
Because of their platform independence, Java and J2EE have become an increasingly popular programming platform for software vendors. Yet Java’s open source code, publicly available .class file format, and simple instruction set leave it open to prying eyes and hostile analysis. As organizations move their software products to Java technologies, critical intellectual property becomes vulnerable to reverse engineering, manipulation, software piracy and theft. What follows is a brief overview of how to reliably protect your Java and J2EE based software assets.
How to Protect Commercial Java Applications?
Today, class file encryption and obfuscation at the source code and byte code levels are the two primary measures developers use to thwart reverse engineering attacks on Java software, yet vulnerabilities remain.
Enveloping
- Prevents analysis of static .class files and byte code by applying full file encryption/decryption.
- Developer exchanges the original loader of a protected Java file for a custom loader that handles the encryption/decryption.
- Encryption prevents the analysis of .class files by using an algorithm to change them from the standard Java .class file format to a format that is unreadable to anyone except those possessing the cryptographic key.
Nevertheless, the byte code of the .class file remains plain in one location in memory, where it is usually accessible in the moment before the system class loader tries to load the class. If a hacker is able to find that memory location, he or she can access the class in its original state.
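The enveloping pattern and its limitation can be seen in a small custom class loader. This is an added example, not Sentinel HASP code or code from the original page; the class names `EnvelopeDemo`, `Secret` and `DecryptingLoader`, the choice of AES-GCM, and the in-memory key are assumptions made for illustration, and the file is assumed to be compiled in the default package on Java 9 or later.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;

public class EnvelopeDemo {
    // Hypothetical stand-in for a class carrying protected logic.
    public static class Secret { public String toString() { return "defined from decrypted bytes"; } }

    // Custom loader that replaces normal .class lookup with decrypt-then-define.
    static class DecryptingLoader extends ClassLoader {
        private final SecretKey key;
        private final byte[] iv, envelope;
        private final String target;
        DecryptingLoader(SecretKey key, byte[] iv, byte[] envelope, String target) {
            super(null); // bootstrap parent only: the target cannot be found in plain form
            this.key = key; this.iv = iv; this.envelope = envelope; this.target = target;
        }
        @Override protected Class<?> findClass(String name) throws ClassNotFoundException {
            if (!name.equals(target)) throw new ClassNotFoundException(name);
            byte[] plain = null;
            try {
                Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
                c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, iv));
                plain = c.doFinal(envelope); // plaintext bytecode is on the heap from here
                return defineClass(name, plain, 0, plain.length); // JVM only accepts plain bytes
            } catch (GeneralSecurityException e) {
                throw new ClassNotFoundException(name, e);
            } finally {
                if (plain != null) Arrays.fill(plain, (byte) 0); // narrows the window, no more
            }
        }
    }

    public static void main(String[] args) throws Exception {
        String target = Secret.class.getName(); // "EnvelopeDemo$Secret"
        // Constructed sample input: this demo's own compiled class, encrypted in memory.
        byte[] raw = EnvelopeDemo.class.getResourceAsStream(target + ".class").readAllBytes();
        SecretKey key = KeyGenerator.getInstance("AES").generateKey();
        byte[] iv = new byte[12]; new SecureRandom().nextBytes(iv);
        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] envelope = enc.doFinal(raw);
        Class<?> cls = new DecryptingLoader(key, iv, envelope, target).loadClass(target);
        System.out.println(cls.getDeclaredConstructor().newInstance() + " via " + cls.getClassLoader());
    }
}
```

The `plain` array must exist in unencrypted form for `defineClass` to accept it, which is the memory exposure described above; zeroing the buffer afterwards shortens its lifetime but does not remove it, so enveloping on its own does not close the gap.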
Code Obfuscation
- Prevents hackers from attacking this memory by generating a more complex and difficult-to-understand version of code that behaves in the same way as the original code.
- Read the white paper “How Software Publishers Can Overcome Java Vulnerabilities to Code Manipulation, Reverse Engineering & Theft” to learn more about enveloping and code obfuscation.
Until now, these defenses needed to be manually implemented in Java software, which is costly, takes time, and leaves vulnerabilities, especially if your developers are not in-depth security experts. With Sentinel HASP 5.1, Java developers can now deploy the only software protection and software licensing solution on the market that provides method-level protection against reverse engineering of your highly vulnerable Java 2 Enterprise Edition (J2EE) applications.
Sentinel HASP provides an automatic file wrapper for robust Java software protection through file encryption and native code obfuscation. This ensures that algorithms, trade secrets, and professional know-how embedded in software are secured against hackers.