O'Reilly logo

Microsoft® Mobile Development Handbook by Peter Foot, Daniel Moth, Andy Wigley

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Storing Credentials and Other Secrets Securely

Consider the following requirements for a fictional application: it stores data in a SQL Server CE database, and it communicates with a Web service that authenticates users using Hypertext Transfer Protocol (HTTP) Basic authentication. Your threat analysis has identified the following vulnerabilities:

  • The data in the database includes details of your company's customers, so must not fall into the hands of your competitors.

  • The Uniform Resource Locator (URL) of the Web service and the credentials required to authenticate must also be kept secret, so as to reduce the likelihood of an attacker trying to break into your backend systems.

  • Data transmitted must be unintelligible to anyone who manages to intercept ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required