Announcement

Collapse
No announcement yet.

Protecting a channel

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Protecting a channel

    I have been asked to provide a channel for an Interface for a client. There is a potential for this channel to be used in over 30 locations. My question is this. They have taken my work before and copied it and modified it. They dont want to pay for the source code or pay a decent amount to deploy it in multiple locations. Is there a way to protect the channel so that it can not be viewed or copied?

  • #2
    Originally posted by mroberts View Post
    I have been asked to provide a channel for an Interface for a client. There is a potential for this channel to be used in over 30 locations. My question is this. They have taken my work before and copied it and modified it. They dont want to pay for the source code or pay a decent amount to deploy it in multiple locations. Is there a way to protect the channel so that it can not be viewed or copied?
    While there are potential technical solutions for the specific problem you've identified, I think the first thing you should look at is the agreement between you and your client. In most consulting contracts, the customer is the owner of the IP developed by the contractor; it's a "work for hire."

    Any restrictions you place on the use of your work should be clearly defined and agreed upon up front, or you could be vulnerable to legal action by your customer.

    If your work was sold as a licensed product with specific usage provisions, you have every right to initiate a suit of your own.
    Last edited by Jeff Drumm; 07-07-2019, 06:36 AM.

    Comment


    • #3
      I understand. In this particular case they do not want to pay the amount to own the IP.

      Comment


      • #4
        Originally posted by mroberts View Post
        I understand. In this particular case they do not want to pay the amount to own the IP.
        Unfortunately, it doesn't look like there's any sort of role (or user)-based security, so there's no real way to protect a channel itself unless you keep the password to yourself.

        A potential option is to embed core functionality from your integration logic in a custom connector or plugin, obfuscated and implementing some sort of host-ID based Java licensing scheme. If you want to restrict it to a single channel on a single server, you'd also need some sort of mechanism to limit its operation to a single thread.

        If you want to be really secretive, you would hard code any source or destination values (IP addresses, file paths, URLs, etc) and once the connector/plugin is signed, it'd effectively be immutable (assuming I'm not full of crap).

        There's always a way around this stuff so no guarantees.

        And the thought of building closed-source proprietary and restricted modules for an Open Source engine just doesn't feel right to me ... unless of course you're the developer of the engine as well

        Comment


        • #5
          There actually is role-based security, but it is implemented as a commercial extension from Nextgen. The framework is there for someone to develop an open user roles plugin if someone really wanted to tackle that. Presumably, that wouldn't really matter anyway, as the client probably has full access to their own server.

          Comment

          Working...
          X