Question

自开始学习移动计算以来,我经常不讨论安全问题。然而,在我看来,这是移动计算的一个主要议题。制定安全的移动应用程序的某些方面:

How to create save communication between device and server?
How to identify a device and how to authenticate a user on a mobile device?
How to handle the possibility of device theft and ensuing misuse of data stored on the device and access granted to the device?

也许会有更多的问题,但我认为,这些都是关键问题。到目前为止,我已经提出这一解决办法:

SSL.
Use OAuth to grant access to the device, then store the access token AES-encrypted. Check the user s identity before allowing him access to the app by requesting the decryption key (most likely a PIN as those are more easy to enter on a mobile device).
If storage of data is unavoidable, use AES encryption. Either use the key mentioned in 2. or alternatively store the decryption key on the server and have the app request it from there every time. In case of theft revoke the OAuth key. (This will also prevent the thief to retrieve the decryption key from the server.)

你们是否看到这种做法存在任何缺陷,或者看看是否有任何要点可以改进该战略? 我试图在可使用性和安全之间找到一种平衡,因为似乎这些概念是对立的。

<>说明: 这是一种一般概念,并非专门针对一个操作系统。

Answer 1

这是不限成员名额和非常笼统的,因此可能不是最佳场所。你是否真的认为你可以总结一下这三点? 如果不具体指明具体的指导方针、参数和做法,你甚至不能试图保证安全。

Use SSL means nothing by itself. There are a hundred ways to misuse SSL: trust every certificate, use weak ciphers, use vulnerable protocol versions (SSLv2, etc.), don t check revocation, etc., etc.
Using AES doesn t guarantee much either: you might be open to attacks if you use ECB mode, or re-use the same IV in CBC mode, or your IV is not truly random (real example: TLS tried to cut corners with this one), etc., etc.
If you store you encryption key on a server, that s just another attack vector: do you really trust the server (how do you make sure it s your own one?) to store/manage your key?

因此,是的,potential flaws,答案是简单的:不是简单。