在 kotlin 应用程序中安全缓存数据的最佳方法?
[英]Best way to securely cache data in a kotlin app?
问题描述
New-ish to Kotlin and building an app. 
Kotlin 的新手和构建应用程序。 I need some objects to be persistent data.我需要一些对象作为持久数据。 Each of these objects will have a unique key.这些对象中的每一个都将具有唯一的键。 The objects will not take up a ton of memory and the cache size will probably rarely be over 10 of these objects, and most of the time just be 2 or 3 of these objects.这些对象不会占用大量内存,并且缓存大小可能很少超过 10 个这些对象,并且大多数时候只是 2 或 3 个这些对象。 I am wondering what is the best way to cache this data?我想知道缓存这些数据的最佳方法是什么? I will encrypt the data but it must also be secure and only accessible by my app, ie not accessible by other apps on the phone or backed up by google drive.我将对数据进行加密,但它也必须是安全的,并且只能由我的应用程序访问,即手机上的其他应用程序无法访问或由谷歌驱动器备份。 I have seen some things about room or cold storage but wondering if anyone can give me suggestions on what's the best way to do this?我看过一些关于房间或冷藏库的事情,但想知道是否有人能给我建议最好的方法是什么?
1 个解决方案
解决方案1
1 2022-07-13 05:47:36
It depends on who you're worried about as the attacker.这取决于你担心谁是攻击者。 Other apps on the phone?手机上的其他应用程序? No need to worry at all, unless you explicitly grant access other apps can't access your apps files, no need to even encrypt.完全不用担心,除非您明确授予访问权限,否则其他应用程序无法访问您的应用程序文件,甚至无需加密。 Just write the data to a file(s).只需将数据写入文件即可。 The user on a rooted device?根设备上的用户? Encryption won't even help here, because you'd need the key to be stored on the device as well, so the user could easily decrypt it.加密在这里甚至没有帮助,因为您还需要将密钥存储在设备上,以便用户可以轻松解密它。 Backed up by drive- you have to turn autobackup off in the manifest, but that will stop that.由驱动器备份-您必须在清单中关闭自动备份,但这将停止。
So decide the threat vectors you're worried about, and then we can give more specific advice.因此,确定您担心的威胁向量,然后我们可以提供更具体的建议。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.