Shulou(Shulou.com)06/01 Report--

Keywords: source code encryption software, source code encryption software.

When large source code development enterprises choose and purchase source code security encryption products, it is recommended to carry out the selection of enterprise source code encryption software in accordance with the following steps and matters needing attention.

1. In-depth drive encryption technology and security technology

Enterprise source code encryption software has two different technical routes: driver layer technology and application layer technology. Although the implementation of the application layer Hook is relatively simple, it belongs to the transitional technology and has entered the phase of elimination. Now the mainstream technology is the driver layer technology. In terms of version support, it will also be different. Some manufacturers of driver layer technology have launched versions that can support Windows Vista.

2. Source code encryption keys and algorithms

In the encryption algorithm, what kind of encryption algorithm is not the focus. However, in terms of key processing, generally speaking, it is not advisable for the key length to be less than 64 bits. For civilian purposes, 128-bit and 256-bit lengths are sufficient. It is important to note that the longer the key length, the greater the amount of computation, and the more computing resources (including machine performance and time) are consumed. The preservation of keys is also a key issue, including the generation, transmission and backup of keys.

3. Basic functions of source code encryption software

It is common to rename applications, rename files, change file types, cut, copy, paste, link and embed objects, drag and drop document content, screen copy control, screenshot and print control and other basic functions. At present, most mature products have effectively achieved these functions.

4. USB port management by source code encryption software

In theory, this is unnecessary. Because the file itself is encrypted, do not worry about being leaked to the outside. However, according to the theory of hierarchical information security architecture, these functions are necessary.

Source code encryption software | Source code encryption software

Keywords: source code encryption software, source code encryption software.

5. Control of source code encrypted file types

This is a requirement for hierarchical protection of documents. At present, encryption software usually encrypts file types forcefully, but non-secret files of the same file type are also forced to be encrypted, which is usually dissatisfied with users. Because all the same file types are encrypted, it will inevitably lead to inefficiency. The source code encryption products based on environment encryption do not distinguish the file type, and can encrypt any format file, which can effectively match the output ratio in the process of software development.

6. Efficiency of encryption and decryption of source code

Efficiency and safety are often a pair of opposite quantities, during which a reasonable balance should be found. In applications such as three-dimensional CAD, CAE, graphics and image production, some files are very large. If dynamic encryption and decryption are not well supported, the operation efficiency of users may be greatly affected. After opening a large file, the time of saving each time is too long.

7. Automatic backup of source code files

Automatic backup of files is a necessary function and a targeted security measure against system risks. When examining file backup, attention should be paid to whether the load on the network and machines will be great, how to reduce or distribute the load in time, how to easily retrieve a large number of backup copies in the future, how many copies of the same file can be retained, and so on.

8. Source code encryption client management

It mainly includes issuing the policy to the client during the implementation, and how to ensure the management of the offline client after the client is separated from the server segment and connection.

9. The problem of plaintext export of source code

Encrypted files can only be used in a local scope, once the business needs, it is really necessary to send the file to the outside, it is necessary to decrypt the plaintext into plaintext. At this time, most manufacturers use a special approval and decryption process to control. When a message is sent to a specified email box, the secret attachment file in the message is automatically decrypted. This function is called "plaintext recipient" or "mail whitelist" and so on.

10. Integration ability of source code encryption and management system

Although the encryption system can form its own system, it will inevitably have the problem of integration and cooperation with some other management systems. It is necessary to examine whether it can be effectively combined with various authentication systems such as AD domain and Ed domain, as well as the integration with ERP, CRM and PDM/PLM systems.

Temporary files and "pseudo encryption" in source code encryption

Many applications generate temporary files when editing data files. These temporary files will be deleted after the corresponding data files are normally closed. Because these temporary files also store confidential data of enterprises, the protection of these temporary files is very important.

Some enterprises often use "pseudo-encryption" practice: ① uses Hook technology to intercept the open operation of the file; ② secretly decrypts the open file to a "secret" place; ③ points the pointer to the data file operation pointer to the plaintext located in the "secret" place in the background; ④ encrypts the hidden plaintext and replaces the original file when closing the data file. This design makes the user seem to be able to open and edit the ciphertext, and the ciphertext is still available after editing and saving. But in fact, the object that the application software actually edits is an unencrypted plaintext file. That "secret place" is actually easy to find. If the User of the credit node knows about this "secret place", it is perfectly possible to go to that "secret place" to get the plaintext when opening the ciphertext.

12. Disaster recovery management of source code encryption system

What happens when the server goes down and the network fails? How does the system deal with this risk? The disaster recovery ability of the system is an important index to examine the product. It cannot be assumed that all systems will operate normally, especially when pirated software is widely used in China.

13. Ease of use of source code encryption software

Software installation, upgrade, configuration, user rights settings, logging and statistics, decryption machine and other details of each module is easy to use, whether it is effective with the company's business process and document management process. Reasonable management, not only will not increase the trouble of use, on the contrary, it will improve the speed of document circulation and improve work efficiency.

Keywords: source code encryption software, source code encryption software.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.