Voted Best Answer
Jan 02, 2018 - 06:35 AM
There's a number of SAM vendors and SAM practioneers that can help steer you in the right direction.
Your answer is either/both of technology and/or legal terms & conditions; but the combination is dependant upon a LOT of things.
From a legal T&C perspective ( where the application is not hindered by product keys, dongles, sign-ins, etc.) the easiest approach is a seat-count approach... with a threshold of 'site' license if the university exceeds a certain seat count. ( I'm assuming your softwware will be used as a medical/surgical teaching aid ) Keep in mind that this is more business than 'SAM'. Microsoft works in the same 'trust but verify' model; so the university most likely has the means to report on seat/user/token count.
From a product perspective, there are restrictive technologies where you can place a 'gateway wrapper' around your executable such that the EXE won't launch unless some type of authentication process ( time check, specific user/password, # of concurrent sessions) has been determined.