-5

We have developed an algorithm that processes some data at runtime and is slightly efficient in terms of time and computing compared with other solutions out there. Though we are sure anyone can develop a similar algorithm, for now at least we have good results for the same.

We will be deploying that algorithm as an SDK/library made in C++ and will be sharing it with clients. The concern is that a client can share that library with anyone and get it running without our involvement. How can we prevent that?

We are planning to obfuscate the code so that it becomes slightly difficult for them to know the internals (I know it is still possible even with obfuscation), but that doesn't help with the concern. What other techniques are used to prevent such a use case?

One option is to keep the code on the cloud so that things are under our control, but the application is a kind of wearable device (not a regular consumer watch) and internet availability isn't possible. The wearable device has an OS similar to Android and has date and time which the user can change (added this point in case it helps in any way).

  • 2
    There are two sorts of customer in this world: 1) the honest ones. They won't share your library with others, because they're honest. 2) the dishonest ones. Make sure you have Type 1 customers, not Type 2; this isn't a software engineering problem though. – Philip Kendall Dec 26 '20 at 09:47
  • 3
    Does this answer your question? [How can software be protected from piracy?](https://softwareengineering.stackexchange.com/questions/46434/how-can-software-be-protected-from-piracy) – gnat Dec 26 '20 at 10:18
  • 2
    *What other techniques do are used to prevent such use case?* - the #1 technique: you make a contract with the client which forbids this. – Doc Brown Dec 26 '20 at 13:20

2 Answers

1

> The concern is a client can share that library with anyone and get it running without our involvement, how to prevent that?

You cannot prevent this by technical means.

The typical way this is prevented in the real world is through legal means: You have the legal department draw up a good, enforceable contract and then you drag those customers that break it to court.

Bart van Ingen Schenau
1

@Bart Van Ingen Schenau is basically correct.

In most jurisdictions, you have two choices for protecting your algorithm. What he's described is essentially trade secret protection. To get actual trade secret protection (rather than just a normal contract) you normally have to identify fairly specifically that you're revealing trade secrets to them, and identify what parts of what you're revealing to them fall under trade secret protection.

The other obvious possibility would be to patent the algorithm(s). In this case, if you get the patent, the algorithm will be published (part of the point of a patent is to publish the invention it covers), but the patent gives you the right to exclude others from using your patented invention.

Note that patents on algorithms are somewhat limited--in the US they have to be written fairly carefully to be valid, and in some jurisdictions they're prohibited in general.

Jerry Coffin