jamshaid,
If I understand correctly, you have an application that can be publicly obtained, yet you do not want people to run it unless you give them permission. This is normally accomplished via keys/serial numbers, which are used by virtually all software programs that try to protect against piracy. The problem with .NET code is, however, that its trivial to decompile back to source code even after you compile it. Therefore, it means:
1. anyone can look at your source code and just copy it, and make their own application using your logic.
2. you cannot store secrets in code (this is a general guideline, even for unmanaged code)
You have the following options to help protect your application and your code:
1. Use an obfuscator tool () to mangle your assembly (http://www.remotesoft.com/salamander/obfuscator.html). This will not prevent the smartest people from getting to your source, but will stop most.
2. Require a key to activate your application. You can further strengthen this approach by not sotring the key in your code, but instead hashing a well known value with the key and storing that. On verification, you can hash the wellknown value with the user provided key, and see if they match. This still suffers from users being able to share the key, so you could have multiple versions of your application use one of the many keys, so that you will give different users different keys (most of the time).
Hope this gives you some ideas,
Mike Volodarsky
Program Manager
IIS Core Server / ASP.NET Runtime
This posting is provided "AS IS" with no warranties, and confers no rights.
Read more about IIS7 on my blog at
www.mvolo.com