Compact framework calling webservice using encryption
Question
Ok, here is my situation:
1) I've build a free c# compact framework application
2) I've got a webservice where i retrieve my data (traffic related)
3) Anyone can download and use the application.
But the webservice that is being called should not be available to others. I've been looking into security and encryption, but haven't figured this question out:
I can use encryption to encrypt the data, and decrypt it in code, but decompiling my code would make it easy to read the algorithm or key that's being used decrypt the data.
So how can make my webservice secure so it can't be used by others? Is anything possible with strong name key's which require passwords?
I've been searching a lot on the internet, but without luck. So i hope there is someone with the knowledge here :)
1 answers
solution1
0 2009-08-29 10:40:27
You could issue unique authentication tokens when someone downloads your application, that they have to use with it to access the web service.
But there's no way of stopping them from writing their own application. If you give someone all the information needed to access the service, you can't make them use your code to do it (like you've noticed, they can always decompile your code and figure out how it works).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.