Chapter 8. Securing Network Connections

WHAT'S IN THIS CHAPTER?

  • Authenticating users on remote services

  • Reliance on data from distant sources

  • Automatic service discovery

  • Filtering network connections

  • Protecting network traffic from eavesdroppers

Many of today's applications on both Mac and iPhone are not standalone, but rely on data available from a remote system on the network. The data may come from a peer system — another player in a multiplayer game, or another machine on the local network with which the application's data is synchronized. The relationship between the local app and the remote data source may be that of client and server, as when the application is designed to work with web services like social networking sites. Interacting with remote systems gives would-be attackers an easily accessible entry point. The far end of a network connection could be under malicious control, as could the ancillary services used to find and use that connection.

REMOTE AUTHENTICATION

When you're using remote services, it is almost always the case that the user accounts on the server are not the same as those on the Mac on which your application is running. The server is certainly not going to have shared accounts with an iPhone, which has no networked directory services. In Chapter 5 you discovered how the user's credentials for the distant server can be securely stored on the keychain, but now you need to get those credentials over the network. Different servers use different ...
