PubNub安全反对某人逆向工程Android应用程序
[英]PubNub security against someone reverse engineering an android app
问题描述
My app initializes PubNub with a hard-coded subkey and pubkey, then subscribes/publishes to a channel. 
我的应用程序使用硬编码的子键和pubkey初始化PubNub,然后订阅/发布到一个频道。 How can I prevent someone from reverse engineering my app, collecting the sub/pub keys, and publishing garbage information to my channels? 如何阻止某人对我的应用进行逆向工程,收集子/ pub键并将垃圾信息发布到我的频道?
1 个解决方案
解决方案1
2 已采纳 2015-12-08 18:06:19
PubNub Access Manager PubNub Access Manager
There is no absolute way to hide your keys but you can manage how authenticated users access (use) your keys. 没有绝对的方法来隐藏您的密钥,但您可以管理经过身份验证的用户访问 (使用)您的密钥的方式。 PubNub's Access Manager provides a means for you to implement permissions that are granted to a auth-key for the channels that an end user will need to access (publish, subscribe, etc). PubNub的Access Manager为您提供了一种方法,可以为最终用户需要访问(发布,订阅等)的通道实现授权给auth-key的权限。
Permissions are read (subscribe and query), write (publish and update) and manage (add channels to channel groups). 权限被读取(订阅和查询),写入(发布和更新)和管理(向通道组添加通道)。 You will grant these permissions for each channel and channel group that the end user will need to work with and the auth-key you provide to the end user will be a parameter in the PubNub initialization which will be passed to PubNub with every PubNub operation invoked by that end user. 您将为最终用户需要使用的每个通道和通道组授予这些权限,并且您向最终用户提供的auth-key将是PubNub初始化中的参数,该参数将在调用每个PubNub操作时传递给PubNub。由该最终用户。
The above is a bit high level but this is a thorough discussion about hiding keys/managing access between Stephen Blum (@PubNub) and Phil Leggetter (@leggetter) - both respected and prominent thought leaders in the realtime data stream network space among other areas. 上面的内容有点高,但这是关于隐藏密钥/管理 Stephen Blum(@PubNub)和Phil Leggetter(@leggetter)之间访问权限的深入讨论 - 在实时数据流网络领域中受到尊重和突出的思想领袖以及其他领域。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.