Before You Decide

in #palnet14 days ago


image.png
Source

Before you decide What security, you want to implement... You have to decide who you are protecting the data from.

Is it a legitimate user? Or an intruder?
Is the app you are building not dependent on a server? Is it on offline app that can be activated once?
If you want to encrypt data so that the man in the middle won't be able to intercept and modify the data. You're looking for TLS/SSL implementation.
If where to store your secrets is the issue, ...

If you have a problem with that, that means it's sensitive which means it doesn't belong to the client but the server. That's the security implementation.
If you're securing data between two users, like private chat in WhatsApp... That's end to end encryption - RSA.
Certificate pinning actually
Securing against man in the middle attacks
In other data encryption, if it's not the issue during client and server communication.

Then why are you encrypting the data? Are you storing it?
And how do you want to handle the decryption?

In security manager apps, a legitimate user that owns the data has access to the key because it's the user's details like password that's used in encryption.

In my own case, I want the user to access the files only under certain conditions, and active subscription is the criteria
But my own security measure is to disallow file distribution.

#airhawk #proofofbrain #vkbt #vyb #someeofficial #neoxian
14 days ago in #palnet by
$0.00
    2 votes
    Reply 0
    Sort:  
  • Trending