Sentinel LDK (Sentinel License Development Kit) 为软件开发商提供强大的防盗版与知识产权保护解决方案,并以无以伦比的灵活性协助您保护收入和增加销售额。Sentinel 系统防止软件未经授权的使用,保护软件版权和知识产权,并提供多种授权模式。
Sentinel LDK 的优势、独特性和灵活性基于两个主要原则:
Sentinel LDK 独特的 一次保护—多种分发—不断改进™ 设计理念让您能够将业务与保护(工程)流程完全分开,以最大限度提升业务灵活性,同时确保以最优方式利用您的员工时间和核心竞争力,从而缩短产品问市的时间。
交叉锁定™ — 支持一次保护—多种分发—不断改进原则的技术,使受保护应用程序能与 Sentinel 硬件锁或 Sentinel 许可证证书(软件锁)配合使用。在实施保护后,所有商业决策、软件包的创建及授权的定义均由产品经理或营销经理执行。
这种工作流程模式为定义新的销售和授权模式(包括基于功能的授权和组件授权、评估授权、租用授权、浮动授权、订购、试用件、按使用付费等等)提供了更大的灵活性和自由度,使您可以集中精力关注收入增长。
What's New in Sentinel LDK 8.0?
This section describes the main new features and enhancements.
Cloud Licensing
The Sentinel Cloud Licensing Add-on for LDK has been replaced with a new cloud licensing solution for distributing licenses. This solution is based on the software-based protection keys, but it provides an extension to the traditional method. The cloud licensing solution provides a simpler mechanism, both for the vendor and for the end user, for distributing and managing licenses.
Using this license model, the vendor generates and installs all required product licenses on a single license server machine. The vendor then generates and distributes a unique license string for each end user. The end users install the protected application and the license string on their machine.Each end user can then access the license server and consume a license to execute the protected application online or to detach a license and then run the protected application offline. The new solution was designed as part of Sentinel LDK and does not require the use of a separate API. License consumption and other operations, such memory access and encryption, are fully supported and are performed using the regular Sentinel LDK Licensing API. Unlike the previous solution, applications that use cloud licensing can be protected with the Envelope tool.
References to the previous cloud licensing solution have been removed from the product documentation.
For more information, refer to the Sentinel LDK Software Protection and Licensing guide.
Additional Space for Features and Dynamic memory in Driverless HL Key
Sentinel LDK now supports utilizing the additional space in Sentinel HL (Driverless configuration) keys for Features and Dynamic memory. For information on the space available in these keys, refer to the latest Sentinel HL Data Sheet.
Balancing Security and Reliability Against the Convenience of Your Customers
Sentinel LDK now enables you to better balance the security and reliability of your licensed applications against the convenience of your customers.
In Sentinel EMS or Sentinel License Generation API, you set the configuration parameter Minimum RTE/API Version to the minimum version of the Run-time Environment and/or Licensing API libraries that are in use by your customer base. As a result, licenses updates generated by Sentinel LDK will only include security and reliability improvements that can be supported by the conditions on your customers’ machines.
In Sentinel EMS, the Minimum RTE/API Version parameter replaces the Default Clone Protection Version parameter When upgrading Sentinel LDK for this release, the value for Minimum RTE/API Version is based on the existing value for the Default Clone Protection Version parameter. In Sentinel License
Generation API, the tag replaces the version attribute of the protection_ex> tag.
Run-time Environment Is Now Supported Under Linux ARM
Sentinel Run-time Environment can now be installed on Linux ARM platforms. As a result, Linux ARM platforms can now support:
> SL AdminMode key, SL UserMode keys, HL keys (Driverless and HASP), and HASP keys.
> Concurrency. A protection key with concurrency on a Linux ARM machine can serve licenses to applications on other machines.
Sentinel LDK Now Supports Android 10.x
Sentinel LDK supports Android 10.x applications, with the following limitations for APK protection:
> When compiled with Android API level 28 or earlier, protected APKs (both Java and native) are supported.
> When compiled with Android API level 29, protected APKs (Java only) are supported. Protected APKs (native) are not supported.
Sentinel LDK EMS Now Uses OpenJDK
Sentinel LDK EMS now uses OpenJDK instead of Oracle JDK. This is due to licensing changes by Oracle.
Extended .NET Core Support Including Linux Runtime Support
Sentinel LDK now provides extended .NET Core support (Version 3.1 Framework ). This includes Envelope runtime support for Linux.
Protection of the application must be done using Sentinel LDK Envelope on a Windows platform. For more information, see the Sentinel LDK Envelope help system.
Generate a Fingerprint for SL Keys Using Admin Control Center
An end user can now use Sentinel Admin Control Center (local or remote) to generate a fingerprint of the local machine as part of the process of receiving an SL license. For Windows machines, this capability provides an alternative to the RUS utility. For Linux or Mac (where Admin Control Center is available), only SL AdminMode fingerprints can be generated. When Admin Control Center version 7.103 or later detects a vendor library on the user's machine AND no SL
key for that Batch Code exists on the machine, an SL key placeholder is displayed on the Sentinel Keys page. If multiple vendor libraries exist, a placeholder may be generated for each Batch Code. The user can click the Fingerprint action on a placeholder to generate a fingerprint file for the relevant Batch Code. 
Vendor libraries are only included in the Run-time Environment installer when you generate a customized installer using Sentinel EMS.
If no vendor libraries are found on the machine, a placeholder for the DEMOMA batch code is displayed.
Event Logging API for NET Core 2 Applications
NET Core 2 under Linux does not support Windows Forms. This creates limitations in generating messages to the end user for protected applications developed using .NET Core 2 on a Linux platform. By default, message are only transmitted using the default method, which is printing the message to the console. In many instances (for example: server apps), the console is not available.
The .NET Envelope Event Logging API enables you to generate message to the end user for these applications when the application is protected using Sentinel LDK Envelope.
This API intercepts all messages and transmits them to the end user using any of several possible methods.
For example, messages can be saved to a file, sent to any logging system, or sent through e-mail.
For more information, see the description of the Event Logging API in Samples\Envelope\DotNET\NET_ Envelope_Runtime_API.html in the Sentinel LDK installation for Windows.
Envelope Now Supports Background Check for Android Applications
Android applications protected by Sentinel LDK Envelope can now perform periodic background checks for the required protection key. This feature is available for APK and AAR libraries. The feature is not supported for SO-only protection.
Note that threads are not suspended when a background check is triggered from the Java Envelope runtime (unlike the Envelope runtimes for other platforms). However, the Abort and Retry buttons are displayed when a required license is not found.
For more information, see the Sentinel LDK Envelope help system.
Support for Oracle Java 11
Sentinel LDK Envelope under Windows now supports the protection of Oracle JDK 11 applications for Windows, Linux, and Mac. This includes applications that use the Java Platform Module System (JPMS).
As part of the protection process, Envelope generates files that contain the command required to execute module-based applications on different platforms. You must modify these files before using them to execute the protected application.
Envelope does not support the protection of Multi-Release JARs (MRJAR) to target multiple versions of Java.
For more information, see the help system for Sentinel LDK Envelope.
Sentinel LDK Product Improvement Program
Thales has implemented a program to collect data on the ways that Sentinel LDK is used by vendors to protect their software applications. This information enables us to understand the types of applications that vendors and protecting and which features are used most frequently. As a result, Thales will be better understand which features are most important to vendor and where to allocate resources to improve the Sentinel LDK product.
At the current time, information is collected by Sentinel LDK Envelope. The information accumulated is stripped of identifying elements before transmission to Thales.
You have the option to discontinue your participation in this program by clearing the Participate in Product Improvement Program check box in the Settings screen in Sentinel LDK Envelope.
Option to Check License Expiration Date More Frequently
Until now, the expiration date of a Feature in protected application was only checked when the application logs in to the Feature. If the application was allowed to run continuously, the Feature could continue to be used even if its expiration date had passed.
You now have the option to set an attribute called die_at_expiration in the LoginScope function in Sentinel Licensing API. When enabled, this attribute causes the expiration date to be checked each time the Encrypt or Decrypt function is called by the application. If the function discovers that the expiration date of the Feature has passed, the session is interrupted and status code HASP_FEATURE_EXPIRED is returned.
For more information, see the topic "Checking the License Expiration Date of a Feature" in Sentinel Licensing API documentation.
Support for Amazon EC2
When using cloud licensing, the license server can be located on an Amazon EC2 platform (Windows or Linux).
Thales recommends that you select the Platform Default clone protection scheme for licenses on this server.
