|P is for Practical|
Authentication of off-line applicationby ruoso (Curate)
|on May 18, 2006 at 20:25 UTC||Need Help??|
ruoso has asked for the wisdom of the Perl Monks concerning the following question:
Today I was talking about a system that I'll probably have to deal with in the near future. This system is stand-alone, running in off-line stations receiving payments. At the end of the day, the system generate a transaction file which is then sent to the server by the available media (floppy disks are one of them)...
These computers are scattered all over the entire state, receiving payments from customers.
The question is: How to make it harder to someone start running the system in another computer, enter only part of the income and generate a valid transaction file?
UPDATE: All the replies are correct, but doensn't address the real problem, which is to make it harder to someone to copy the private key or the crypt key with the system to a third computer... how to authenticate the machine itself?