将数据从Android发送到Azure云的安全性如何?
[英]How secure is data sent Android from to Azure Cloud?
问题描述
I am wondering if the channel used to transmit data to be sent to the Azure Cloud Mobile service is secured. 
我想知道用于传输要发送到Azure云移动服务的数据的通道是否安全。 Using the below code as reference.. 使用下面的代码作为参考。
table.execute(new TableQueryCallback<tableEntity>() {
public void onCompleted(List<tableEntity> result, int count,
Exception exception, ServiceFilterResponse response) {
if (exception == null) {
for (tableEntity tableItem: result) {
//Some algorithm here
}
}
}
});
The code executes and attempts to retrieve data from Azure, and I am not sure how secure this process is. 该代码将执行并尝试从Azure检索数据,但我不确定此过程的安全性。 Reading the documentations on Azure site, it did not provide the answer that I am looking for.. 阅读Azure网站上的文档,它没有提供我正在寻找的答案。
Reference I have read: 参考资料我读过:
azure.microsoft.com/en-us/documentation/articles/mobile-services-android-how-to-use-client-library/ azure.microsoft.com/en-us/documentation/articles/mobile-services-android-how-to-use-client-library/
azure.microsoft.com/en-us/services/mobile-services/ azure.microsoft.com/en-us/services/mobile-services/
azure.microsoft.com/en-us/documentation/articles/mobile-services-android-get-started/ azure.microsoft.com/en-us/documentation/articles/mobile-services-android-get-started/
azure.microsoft.com/en-us/documentation/articles/mobile-services-android-get-started-data/ azure.microsoft.com/en-us/documentation/articles/mobile-services-android-get-started-data/
What I am looking for is how the process of sending/retrieving data to and from Azure works, am I needed to encrypt the data channel? 我正在寻找的是往返于Azure的数据发送/检索过程的工作方式,我是否需要加密数据通道? Any guide will be appreciated! 任何指导将不胜感激! Thanks! 谢谢!
2 个解决方案
解决方案1
1 已采纳 2015-01-06 21:19:49
Azure Mobile Services is a REST service hosted in the cloud. Azure移动服务是托管在云中的REST服务。 The client code is making HTTP calls to the REST API behind-the-scenes. 客户端代码正在幕后对REST API进行HTTP调用。 So all encryption is done via HTTPS/SSL. 因此,所有加密都是通过HTTPS / SSL完成的。
You can find REST API details here: http://msdn.microsoft.com/en-us/library/azure/jj710108.aspx 您可以在这里找到REST API详细信息: http : //msdn.microsoft.com/zh-cn/library/azure/jj710108.aspx
If you wanted to, you could test your service by using PostMan/curl/Fiddler or any other HTTP client. 如果愿意,可以使用PostMan / curl / Fiddler或任何其他HTTP客户端来测试服务。
The AppKey is sent in the X-ZUMO-APPLICATION HTTP header along with your other requests and acts as a very simple authentication method and is used when you've set up your API/Table endpoint with 'Application Key' permissions. AppKey与其他请求一起在X-ZUMO-APPLICATION HTTP标头中发送,并且充当非常简单的身份验证方法,并且在您设置了具有“ Application Key”权限的API / Table终结点时使用。
Permission details here: http://msdn.microsoft.com/en-us/library/azure/jj193161.aspx 权限详细信息在这里: http : //msdn.microsoft.com/zh-cn/library/azure/jj193161.aspx
解决方案2
0 2014-12-26 20:36:59
I can't find a reliable source for this, but I'm under the impression that the AppKey is used to encrypt the data connection between the client and mobile service. 我找不到可靠的来源,但给人的印象是AppKey用于加密客户端和移动服务之间的数据连接。
// Create the Mobile Service Client instance, using the provided
// Mobile Service URL and key
mClient = new MobileServiceClient(
"MobileServiceUrl",
"AppKey",
this).withFilter(new ProgressFilter());
And of course you can set your table permissions to restrict access to any sensitive data. 当然,您可以设置表权限以限制对任何敏感数据的访问。 Obviously this is not enough if you are working with something that you seriously need to encrypt and keep safe. 显然,如果您使用的是您迫切需要加密和保持安全的内容,那还远远不够。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.