Anti-Piracy Laws Essay Example | Topics and Well Written Essays - 1250 words

Anti-Piracy Laws - Essay Example Following an audit by the Business Software Alliance, in which our organization was found guilty of violating copyright laws and of running unlicensed, pirated, software on some of its computers, the ICT department experimented with both software and hardware deterrence mechanisms prior to implementing the former. With the proliferation of peer-to-peer software and the growing ease of downloading and installing pirated software, organizations often confront serious difficulties in implementing anti-piracy regulations. Certainly, there are few, if any, organizations which do not have clear-cut anti-piracy policies but employees often assume that they will not be caught.' The fact is that they can very well be, with the organization left liable for the payment of the resultant fines and vulnerable to lawsuits by the software producers in question (Kizza, 2002). It is for this reason that policies have to be complimented with hardware or software-based deterrent techniques. Following a February 2006 audit by the Business Software Alliance, our organization decided that since policies were not effectively deterring employees from infringing anti-piracy laws, software and hardware mechanisms were required. A thorough study of the advantages and disadvantages of each was conducted prior to implementing software solutions. Special purpose hardware is commonly use... Special purpose hardware is commonly used in proof of ownership, to provide secure data storage and to provide a secure execution context for security-sensitive applications. Such hardware is typically more cumbersome for the user and more expensive than software based techniques. 2.1.1 Dongles A dongle is a hardware device distributed with software. Possession of the device proves ownership of software. A dongle typically connects to an I/O port and computes the output of a secret function. While running, the software periodically queries the dongle. If the communication fails or the results of the query are wrong, the software reacts appropriately (Craig and Burnett, 2005). There are three major drawbacks to dongles. These are cost, impracticality and vulnerability. Dongles are expensive at $10 per unit and distributing them with software is not practical. Thirdly, the attack point is clearly defined since the interface to the device is a hardware interface. This means that the signals passing over the interface must conform to the software standards. This gives attackers and analysis advantage (Craig and Burnett, 2005). 2.1.2 Tamperproof CPUs Tamperproof CPUs aid in piracy prevention by providing a secure context and/or secure data storage. By executing the software in a secure environment, the pirate is unable to gain access to the software. This technique prevents the attacker from observing the behavior of the software which means he is unable to identify portions of the software to remove. The obvious drawback to this technique is the cost of requiring all users to have tamperproof hardware (Flynn, 2005). 2.1.3 Smartcards Smartcards store cryptographic keys for use in authentication and authorization systems. A typical smartcard