Large source code development enterprises in the purchase of source code security encryption products, it is recommended to follow the following steps and considerations content to carry out enterprise-level source code encryption software selection work.
1, deep-level drive encryption technology and security technology
Enterprise-level source code encryption software has two different technical routes: drive layer technology and application layer technology. Although the application layer hook method is relatively simple to realize, belongs to the transition technology, has entered the phase of elimination, now the mainstream technology is the driving layer technology. There are also differences in version support, and some vendors of drive-layer technology have launched a version that supports Windows Vista.
2. Source code encryption key and algorithm
On the encryption algorithm, what encryption algorithm is used is not the focus. However, in terms of key handling, it is generally not advisable to have a key length below 64 bits. For civil purposes, both 128-bit and 256-bit lengths are sufficient. It is important to note that the longer the key length, the greater the computation, and the more computing resources (including machine performance and time) are consumed. Key storage is also a key issue, including the generation, delivery, and backup of keys.
3, the basic function of source code encryption software
Basic functions such as renaming applications, renaming files, changing file types, cutting, copying, pasting, linking and embedding objects, dragging and dropping document content, screen copy control, screenshots, and print control are common. At present, most mature products have already effectively achieved these functions.
4. Source code encryption software for USB port management
Theoretically, this is not necessary. Because the file itself is encrypted, do not worry about being leaked to the outside. But according to the Layered Information security framework theory, these functions are necessary.
Source Code Encryption Software | Source code Encryption Software | Source code Encryption Software | Source code Encryption Software | Source code Encryption Software | Source code Encryption Software | Source code Encryption Software | Source code Encryption Software | Source code Encryption Software |
Keywords: source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, Source code encryption software.
5, the Source code encryption file type control
This is a requirement for hierarchical protection of documents. Currently encryption software is usually forced to encrypt the file type, but the same file type of non-dense files are also forced to encrypt, which is usually the user is not satisfied with the place. Because all of the same file types are encrypted, it will inevitably lead to inefficiency. and the environment encryption-based source code encryption products are not different file types, you can encrypt any format file, effectively match the software development process output ratio.
6, source code encryption and decryption efficiency
Efficiency and safety are often a pair of opposite quantities, during which a reasonable equilibrium should be found. In such applications as three-dimensional cad, CAE, graphic image production, some files are very large, if not better support dynamic encryption and decryption, may greatly affect the user's operational efficiency, performance as open a large file, each time the disk is too long.
7. Automatic backup of source code files
Automatic file backup is a necessary feature and a targeted security measure for system risk. When examining a file backup, you should be concerned about whether the load on the network and the machine at the time of backup will be large, how to reduce it, or how long it will take to allocate the load, how much backup copies are easy to retrieve in the future, and how many copies of the same file can be retained.
8. Source Code Encryption Client Management
Mainly includes in the implementation of the client's policy issued, after the client out of the server segment and connection, how to ensure that the offline client management.
9, the source code clear export problem
Encrypted files can only be used locally, and once the business needs to be sent externally, the plaintext must be decrypted into plaintext. At this time, most vendors use a dedicated approval and decryption process to control. Also sent to the designated e-mail address, the message of the secret attachment file is automatically decrypted. This function is called "Clear text Recipient" or "message whitelist".
10. Source code encryption and management system integration capabilities
Although the encryption system can be self-made system, but inevitably with some other management systems have integrated with the problem. To investigate whether it can be effective with a variety of authentication systems such as AD domain, ed domain and so on, but also with ERP, CRM, PDM/PLM system integration.
11, source code encryption in temporary files and "pseudo-encryption"
Many applications generate temporary files when they edit a data file. These temporary files are deleted when the corresponding data file is closed properly. Because these temporary files also store confidential business data, the protection of these temporary files is important.
Some enterprises commonly used the "pseudo-encryption" practice: ① use hook technology to intercept the file opening operation; ② the open file into a "secret" place, ③ in the background to the data file operation pointer to the "secret" in the plaintext; ④ when closing the data file, Encrypt the hidden plaintext and replace the original file. Such a design, so that users can appear to be able to open the editing ciphertext, edit saved after the obtained or ciphertext. But actually the application software real editing object is an unencrypted plaintext file. That "secret place" is actually easy to spot. If the user of the credit node knows the "secret place", it is perfectly possible to open the ciphertext to the "secret place" to get the plaintext.
12. Disaster tolerance management of source code encryption system
What happens when the server goes down and the network fails? How does the system respond to this risk? System disaster tolerance is an important index to inspect products. It is not assumed that all systems will operate normally, especially if pirated software is used extensively in the country.
13, the use of source code encryption software
Software installation, upgrade, configuration, user rights settings, logging and statistics, decryption machine, such as the details of each module is easy to use, whether effective and corporate business processes and document management process to cooperate. Reasonable management, not only will not increase the use of trouble, on the contrary will improve the speed of document flow, improve efficiency.
Keywords: source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, source code encryption software, Source code encryption software.
Source code encryption software procurement considerations!