How to: Build secure desktop applications: Difference between revisions
Jump to navigation
Jump to search
w>Jguillo Created page with 'Desktop application design has some security concerns. As a best-practice security design, this type of applications should not store the private key (and maybe not even the shar…' |
w>Jguillo No edit summary |
||
| Line 1: | Line 1: | ||
Desktop application design has some security concerns. As a best-practice security design, this type of applications should not store the private key (and maybe not even the shared key) of the api in the application distributable. This includes direct harcoding of the keys in the source code or any other form of encryption. | Desktop application design has some security concerns. As a best-practice security design, this type of applications should not store the private key (and maybe not even the shared key) of the api in the application distributable. This includes direct harcoding of the keys in the source code or any other form of encryption. | ||
The recommended design is the use of a gatekeeper as a service for the application. This gatekeeper stores the application shared and private key and provides required user authorizations to the application. | The recommended design is the use of a gatekeeper as a service for the application. This gatekeeper stores the application shared and private key and provides required user authorizations to the application. | ||
[[Category:How to]] | |||
Revision as of 11:18, 6 May 2010
Desktop application design has some security concerns. As a best-practice security design, this type of applications should not store the private key (and maybe not even the shared key) of the api in the application distributable. This includes direct harcoding of the keys in the source code or any other form of encryption.
The recommended design is the use of a gatekeeper as a service for the application. This gatekeeper stores the application shared and private key and provides required user authorizations to the application.