Post new topic Reply to topic  [ 9 posts ] 

Board index : TeleFlow Forums : TeleFlow Designer & Simulator

Author Message
 Post subject:
PostPosted: Sat Mar 27, 2004 12:19 pm 
Offline

Joined: Sat Aug 09, 2003 12:00 pm
Posts: 20
Location: Iran
Is there any way of password protection of source code so that it can only be accessed by us and not anyone else who may have a copy of TF Designer. <br>We do not wish to leave the TF Designer at customer site but have to leave the (source) code there as it gets used in run-time. <br>We would like to make sure that source code is not accessed by anyone else except us. <br>How can we do this and can we remove the TF designer from the customer equipment as it is not used in run-time. <br>What is usually done?


Back to top
 Profile WWW 
 
 Post subject:
PostPosted: Tue Mar 30, 2004 11:37 am 
Offline

Joined: Mon Mar 15, 2004 3:55 pm
Posts: 35
Location: USA
I was thinking of just using windows permissons or security policies on either the files or the containing directory. Depending on the OS system and file sharing options you have in place. Have the host/process account under which the code runs have the only access to the files.


Back to top
 Profile  
 
 Post subject:
PostPosted: Tue Mar 30, 2004 11:53 am 
Offline

Joined: Sat Aug 09, 2003 12:00 pm
Posts: 20
Location: Iran
We can organise that and should be no problem. However is there anywhere at all that you could add PASSWORD protection to TF Designer so that when it is set, only by entring it, the source code can be accessed. <br>Is it possible to enbed this somewhere in the code?


Back to top
 Profile WWW 
 
 Post subject:
PostPosted: Tue Mar 30, 2004 11:54 am 
Offline

Joined: Sat Aug 09, 2003 12:00 pm
Posts: 20
Location: Iran
I guess we have to suggest it to the TF team so that it can considered. This has caused a bit of concern to us.


Back to top
 Profile WWW 
 
 Post subject:
PostPosted: Tue Mar 30, 2004 12:42 pm 
Offline

Joined: Wed Mar 19, 2003 4:28 pm
Posts: 510
Location: Canada
This is certainly an issue that needs to be addressed. How to address it is being considered. Will post more on this when we have a better idea about the approach we will take, and when an approximate timeline can be provided. <br> <br>Using OS security and removing TFDesigner.exe from the end user system is certainly a reasonable 'first-line' of defense at this time.


Back to top
 Profile WWW 
 
 Post subject: Any progress?
PostPosted: Wed Nov 21, 2007 2:08 pm 
Offline
User avatar

Joined: Fri Feb 06, 2004 11:05 am
Posts: 115
Location: Costa Rica
It's been more than 4 and half years since that post and I yet don't see any way to password-protect the sources from being edited by the customer...

I'm also worried about this... Did your team come up with something to protect the sources?


Back to top
 Profile  
 
 Post subject:
PostPosted: Thu Nov 29, 2007 11:01 am 
Offline

Joined: Wed Mar 19, 2003 4:28 pm
Posts: 510
Location: Canada
Thank you for drawing our attention to this open question and posting.

As you noted, it has been a few years since the last post on the issue, and strictly due to the lack of demand for this feature, we have decided not to implement a password protection for TeleFlow applications. However, should the need increase, we can re address the demand and determine if a business case can be made for this request.

We can provide suggestions on how you may be able to protect your applications by deploying "unreadable" Tap/Tams.

In the past, we have deployed "unreadable" Tap/Tams where we remove all the X,Y coordinates from the steps, and not allow TeleFlow Designer to load the steps. That has been the general approach, and prevents the editing of Tams. Of course, and like anything, if a determined hacker knows what they are doing, the code could be released.

To date, these posts were the last time this functionality was requested; while other functionality is frequently requested and addressed. On a strict basis of priority, password protection for TeleFlow applications has not been demanded enough to justify the change in TeleFlow and therefore was removed from our update list. Presently, it is safe to say that this will not be addressed in the near future.


Back to top
 Profile WWW 
 
 Post subject: So, how is it done?
PostPosted: Thu Nov 29, 2007 11:43 am 
Offline
User avatar

Joined: Fri Feb 06, 2004 11:05 am
Posts: 115
Location: Costa Rica
I'd like to know these suggestions on how to deploy "unreadable" TAP/TAM source files, as long as they can be read, interpreted and executed by the TeleFlow Server (in the production environment).

Thanks in advance.


Back to top
 Profile  
 
 Post subject:
PostPosted: Thu Nov 29, 2007 7:46 pm 
Offline

Joined: Wed Mar 19, 2003 4:29 pm
Posts: 43
Location: Vancouver
At one point, we had a lot of requests for a feature to encrypt TeleFlow applications. Over time, there was less and less of a need for this.

There is a hidden routine that is in Designer for saving Tams without the coordinates. This effectively scrambles the steps, and makes them un-editable. There is also a checksum number that goes along with that to make sure that if someone uses a binary editor to manually make changes to the structure... it will still remain un-editable.

Just recently however, XML has been added as a file option for the Designer to save. XML is by its nature very easy to work with. If we were to make the scramble option visible, we would need to add a bit more code to output in "protected" mode, and not allow output in XML.

When you are needing this, please communicate to Shauna, and we will get a time arranged to this feature in a menu for registered users only.... which will provide another level of projection.


Back to top
 Profile WWW 
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 9 posts ] 

Board index : TeleFlow Forums : TeleFlow Designer & Simulator


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Style by Midnight Phoenix & N.Design Studio
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.