I m目前正在与以下行为者合作开展一个项目:
I m using HTTPS (with a trusted certificate) to comunicate with the server. To retrieve data from the server, GET method is used. To push data to the server, mobile apps use POST method over HTTPS.
一些转让,如用户数据更新中的用户标识,由于其敏感数据必须加以保证。
What kind of solution should i use to enforce those transfers security?
感谢你们的帮助!
If you are having HTTPS then you already have the One level of Security. To add another level, you can encrypt and decrypt password before sending to server.
OS支持AES256 加密。
See best practices here http://developer.apple.com/library/ios/#documentation/Security/Conceptual/Security_Overview/Introduction/Introduction.html
这里的讲解
我肯定不是100%,但你也可以获得类似的亚特兰大。
SSL是通向和发送加密数据的途径,因此不能被上下一代人阅读。 保持你对SSL的所有互动,以便你不会以不加密的形式暴露出证书(UN/PW)或会议表。 特殊工业企业是达到这一目的的行业标准,符合你规定的所有要求。
如果你只想限制用户使用你的服务器,你就可以部署相互认可的SSL。 在你的客户申请中贴上客户和客户的SSL证书,并没收服务器,使其在连接时只接受出示该证书的客户提出的新要求。
For security reasons, it is desirable to check the integrity of code before execution, avoiding tampered software by an attacker. So, my question is How to sign executable code and run only trusted ...
I run findbugs against all of my code and only tackle the top stuff. I finally got the top stuff resolved and now am looking at the details. I have a simple entity, say a user: public class User ...
Anyone know if jsbin.com implements any protection for XSS or other javascript attacks? I see jsbin links used fairly regularly on sites like this one and I can t find any indication from the site ...
Im making a website that will intergrate with game that only support md5 hashing metod (atm). Which ofc is not especially safe anymore. But how could i make it stronger? Should I just generate long ...
I am trying to find out the difference between difference service account types. I tumbled upon this question. The answer was because it has powerful access to local resources, and Network Service ...
I am trying to write a script to prevent brute-force login attempts in a website I m building. The logic goes something like this: User sends login information. Check if username and password is ...
Three SHA512Managed related questions: Is SHA512Managed considered the best one-way hash available in .NET 3.5 for security? What Salt size should be used with SHA512Managed? The application is for ...
[Update] - I attach also full config files, for service, and for client (outside of here, not to flood the topic) I m having situation pretty much identical to the one outlined in this question, ...
