Some points to be paid attention to in software development anti-leak solution

recently has been committed to research and development industry anti-leak Solution for source code encryption and leak-proof solution

so far, the understanding of the implementation of a number of projects, summed up the industry has the following characteristics:  

1 , the level of software developers is relatively high, first of all to be difficult to crack;  

2 , software developers of anti-monitoring, anti-encryption, anti-disclosure level is relatively high, more difficult to prevent. Ordinary encryption products, it is easy to kill by the second. People who want to spend time, Process Forge ip dll 95% 10

3 , most employees will conflict with monitoring or encryption. Unless the company is strong enough to send enough money, the unit is good enough, otherwise it is difficult to push, to carry out the project, need to find a balance point;

Software development environment, but also more complex:  

1,VC + + (mfc/atl/com/Service/socket),JAVA (JSP/J2EE/J2SE/J2ME), PHP,C # (App/.net),Proteland so on, if it's the power industry or embedded,PLCIndustrial,AndroidDevelopment , the development tools are more exotic. This time, the use of traditional encryption products to solve, basically dead end, because there is no way to carry out so many process association;

2 , can not affect the local debugging and compilation, especially network-related debugging or service debugging, simulator debugging;

3 , Server Linux mostly, the client basically has the virtual machine;

in the use of behavioral management generally have 3 points:  

1 , need to give employees a certain amount of free space. For example, Internet search information,QQ , as long as the company does not involve confidential, or allow him to do, do not monitor. so employees are not prone to dislike too much;

2 , security and convenience are opposites, to master a balance point, not affect the efficiency is not possible, the impact is too strong will be disgusted, the company did not help;

3 , there is no absolute security, the purpose of security is to increase its leakage costs, rather than completely eliminate the leak, no one dares to pat the chest said his product no problem, even if Microsoft is such a big company, the product still has Bug ;

4 , when there is a genuine need for a leak prevention program, there must be a reasonable set of rules and a suitable security software, in conjunction with the use, complementary;  

when selecting product selection, it is necessary to satisfy some conditions at the same time:  

1 , does not affect the compilation, debugging Debug ;

2 , does not affect version management, version comparison;  

3 , not just . cpp such as source code encryption, its appendages, Obj,exe all need to be controlled;

4 , cannot destroy files;

5 , the best source code documents on the server is clear text, in the employee development machine is ciphertext, reduce the reliance on encryption software, to prevent security incidents;

6 , can not affect the SISU network search data, on QQ , ETC., but can not be caused by this disclosure;

Some points to be paid attention to in software development anti-leak solution