Securely connect to a web service from an Android application

Question

Securely connect to a web service from an Android application

I am currently developing an application that downloads information from a web service that I wrote (in .net), and I want to protect the connection so that only my application can receive data from the service. What is the best way to get around this?

I do not want anyone to be able to get access information if they decompile / remodel my application. Is there a way to check the integrity of an application that requests data before sending?

I don’t care that they can sniff the traffic to see what it contains, I just don’t want anything other than my application to be able to send requests to protect against everyone who scraped all the data.

I am very new to security, as simple as possible please!

+5

android security web-services

Chris foot Jul 22 '11 at 13:04

source share

2 answers

Blackberry kSoap2

0

acebisli 22 . '11 13:12

Ujjwal Wadhawan · Accepted Answer · 2011-08-03T01:23:17+0000

Chris

You can read a mechanism called One Time Passwords (OTPs). http://en.wikipedia.org/wiki/One-time_password

You can design your OTP application when it tries to connect to your web service. The responsibility for OTP authentication is in the web service.

. , , 256- , -. -, , OTP. OTP " " ( google ). , (OTP Validator) , ( + - n ) n. , OTP OTP . OTP HASH OTP ( , ).

, , - (, OTP ). , . , . , , , , OTP. . , OTP. , "-" "public-id" . "-id", OTP , , . "-id" "-" , "-id" OTP.

, , OTP + "public-id" . , - -.

, .

Ujjwal

Securely connect to a web service from an Android application

More articles: