Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 232
  • Last Modified:

Creating an online activation system

Hi, I want to implement an online activation system for my application. I want to write it myself so I have full control over changing it, if it gets hacked etc.

My application is a Windows app. The user will click a button, and an encrypted string will be sent to my web app, which will decrypt it and then lookup the data in a database and then send an encrypted string back to the sender. The windows end is no problem, it's the web app where I need advice. I am not sure what technologies to use to achieve this. I want it to be as secure as possible to limit hacking. I was thinking of writing a web service (soap server) as the web app. Would this be the best way to go?

Also, the database? This will have about 30 thousand records initially and it needs to be secure. Would MySQL be a good option?

I am most familiar with Delphi 7, but I can easily adapt to any other language.

Thanks. Best regards,
Gary
0
GaryHandley
Asked:
GaryHandley
3 Solutions
 
Ivanov_GCommented:
Web Service is good enough. Maybe you can think of XML parameters (encrypted of course)

<REQ>
  <LICENCE>asjdfh120949asjlhfjakl</LICENCE>
  <DATE>....</DATE>
</REQ>

and the response in similar way.

MySQL does not offer a consistensy with all the needed feature in development phrase. You can have a look at PostgreSQL - it is more like a real database - triggers, transactions, etc ... and syntax similar to PL/SQL. One disadvantage is if you have Full-Text-Search which is faster in MySQL
0
 
UbethatwayCommented:
The simplest option, IMO, would simple be to use a TCP connection to pass the encryped string. As long as you have your DB server behind a firewall, and its access is restricted to your server app, then security shouldnt be an issue. Also, i would have thought that if you passed the right information to the server app in your encrypted string, you wouldnt need a full-text-search (if you set up you primary keys properly etc).

Hope that helps, Mark
0
 
TheRealLokiSenior DeveloperCommented:
any HTTP server that supports SSL is fine.
even Indy has a demo that does this (there is also just a simple Indy TCP SSL demo)
http://www.indyproject.org/Sockets/Demos/index.en.aspx
At the server end, you can use whatever you want. mysql will be fine for this.
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
BlakeyUKCommented:
Hi,

I had a similar question a short time ago and a person called Workshop Alex gave me an excellent and detailed explanation of options available.

It may help you.

http://www.experts-exchange.com/Programming/Programming_Languages/Delphi/Q_21936302.html#17224561

Best Regards
Blake

0
 
GaryBytesCommented:
Hi, the question has not been answered, but please split the points between Ivanov_G , Ubetthatway and BlakeUK.

There are no options for me to accept answers, perhaps because the question is old.

Gary
0
 
cwwkieCommented:
0
 
GaryBytesCommented:
If you want to ask a question about my account please e-mail me directly.
Gary
0
 
GaryBytesCommented:
If anyone is reading the solution to this, please ignore the accepted answer. "cwwkie" ignored my request on points spread, so it is misleading. In fact this thread should be deleted as it will likely put people on the wrong track if they have a similar issue.

Gary
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now