stackoom
  简体   繁体   中英

Security problems for google app engine webservices

 原文  2014-04-15 07:42:09       java/ web-services/ google-app-engine

Question

I've write a google web-services based on java to encrypt and decrypt messages, just wondering if I deploy this project to app engine, how can I make sure my java classes are safely at the server side? Because there are secret keys inside code.
Do I need add some identification steps before can use the web-services?

1 answers

solution1
 2  2014-04-15 07:51:04

It's as secure as any other hosted service - trusted people (Google admins) have access to servers and your compiled code. If you are not OK with that, you should run your own servers.

You may want to disable code download , in case your google account gets compromised.

Also, access to your Google account is an attack vector to get to AppEngine admin access, so make sure anybody with developer access to your GAE app has two-step authentication enabled .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Security Error in google app Engine Problems with UserService on google app engine Spring security openid on Google App Engine GSON on Google App Engine throws a Security Exception Security in Android - Google app engine system google app engine cloud endpoint security Eclipse installing google app engine sdk problems Google App Engine - Spring Security Issue (java.security.AccessControlException) Google App Engine (Java) web service authentication/authorization/security Google App Engine FreeMarker template java.security.AccessControlException
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM