Secure Web Service for a Windows Phone Application
Cu The, Hai (2016)
Lataukset:
Cu The, Hai
Metropolia Ammattikorkeakoulu
2016
All rights reserved
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2016053010667
https://urn.fi/URN:NBN:fi:amk-2016053010667
Tiivistelmä
The purpose of this study is to learn the concepts, algorithms and techniques of cryptography and how to apply them to the web service related to Windows Phone applications. The method is to study the mechanism of the cryptographic algorithms and selecting the suitable techniques for Windows Phone – Azure in a Windows ecosystem. The best practices and popular algorithms are investigated in detail to offer the benefits and drawbacks when applying them to the ecosystem.
In the case study, a proof-of-concept server-client Windows Phone application is implemented. Both the server and client use the mentioned theories to build a secure communication channel between the client and server. It applies both symmetric key and asymmetric key cryptography for encrypting and decrypting the data and also uses client certification authentication and server certificate to prevent from eavesdroppers and man-in-the-middle attacks.
In conclusion, the study shows the crucial requirements of a secure Windows Phone application and its backend. The developers need to comprehend sufficient knowledge of cryptography, encryption algorithms and application security to be able to develop a secure application and service.
In the case study, a proof-of-concept server-client Windows Phone application is implemented. Both the server and client use the mentioned theories to build a secure communication channel between the client and server. It applies both symmetric key and asymmetric key cryptography for encrypting and decrypting the data and also uses client certification authentication and server certificate to prevent from eavesdroppers and man-in-the-middle attacks.
In conclusion, the study shows the crucial requirements of a secure Windows Phone application and its backend. The developers need to comprehend sufficient knowledge of cryptography, encryption algorithms and application security to be able to develop a secure application and service.