Amazon SimpeDB - apps - data protection

放肆的年华 提交于 2019-12-05 18:52:18

I can suggest you two approaches to keep your app protected -

1st Approach :

You can keep your AWS secret key into a file with in your app that will be encrypted using private key. On start-up, your code will read that file using public key and can only get your AWS secret key. Please remember following points in this approach -

  1. Your code must be obfuscated.
  2. Your secret key must be in encrypted form into the file so you will get double protection.
  3. Your file must be digitally signed.

2nd Approach :

You can also create your own web site that will manage your user authentications and if user is successfully authenticated it will send AWS Secret key after encrypted it with private key, in his response to the app and your app will use that AWS Secret key after decrypting it with public key. Please remember following points in this approach - 1. Your response must be returned in encrypted form. 2. You site must be secure and must run on HTTPS. 3. Your code must be obfuscated.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!