Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Tue Jun 16, 2009 10:07 pm Post subject: How is the Authentication Web Service secured? |
|
|
The Authentication Web Service definition is public - it must be to allow its methods to be called. The methods themselves are protected using public key encryption. Each of the management methods (called from License Tracker) are signed using a private key associated with the product and the Authentication Service verifies the signature to ensure that only you (the owner of the product) can call these methods.
In addition all methods (including the AuthenticatedKey method called by your application via ILS) encrypt the method data (arguments and return data) to ensure that method calls cannot be intercepted and analysed. _________________ Infralution Support |
|