Security Basics mailing list archives
RE: iOS Game - how to secure server side resurces
From: "Costas Ioannou" <icostas () saferelay net>
Date: Fri, 9 Nov 2012 09:59:35 +0200
Hello Also, they want the game to be popular as soon as possible so there are no security requirements to sign up or set up a user account(userid/pwd). They just want user to download and start playing. Maybe upon download and installation, you automatically register the user (with a username/password or a uid or something...) and automatically install it on his client. The user must save this 'code/password/whatever' if he wants to re-install or transfer his client to another device and still have his online property there for him. Regards Costas -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of naveen0403 () yahoo com Sent: Wednesday, November 07, 2012 7:23 PM To: security-basics () securityfocus com Subject: iOS Game - how to secure server side resurces Hi I recently joined a company which is developing a game/app for iOS. Game needs some intensive server side processing. Also, they want the game to be popular as soon as possible so there are no security requirements to sign up or set up a user account(userid/pwd). They just want user to download and start playing. How do you secure server resources(say REST services) in this environment? Every approach i think of, has a security flaw, because fundamentally anything you store on client side(hardcode in code or config files, encryption keys etc) to communicate with server side resources, it can be retrieved. May be I am missing something fundamental. Any help is appreciated. Thanks Naveen ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727 d1 ------------------------------------------------------------------------ ______________________________________________________________________ This message was processed by Inter Engineering Secure Email Managed Service. ______________________________________________________________________ This message was processed by Inter Engineering Secure Email Managed Service. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- iOS Game - how to secure server side resurces naveen0403 (Nov 08)
- Re: iOS Game - how to secure server side resurces Hai Lang (Nov 08)
- RE: iOS Game - how to secure server side resurces Costas Ioannou (Nov 09)