[Owasp-leaders] Mobile Encryption
azzeddine.ramrami at owasp.org
Thu Dec 27 10:48:24 UTC 2012
You can use IBE (Identity Based Encryption) scheme and full disk encryption
to achieve your needs.
If you need more info on IBE and/or full disk encryption I can help you.
On Thu, Dec 27, 2012 at 11:33 AM, Ala'a Mubaied <alaa.mubaied at owasp.org>wrote:
> Hey Leaders
> I am working with the mobile application team on designing the One Sync
> Solutions for all devices. The biggest challenge here is how to store the
> user data in the client side.
> Basically, the idea is to encrypt the data in the client side by assigning
> a secret to each user, and the secret is stored in the server side only.
> Whenever the client application read the local storage, it requires to get
> the secret key from the server by user authentication through https
> connection. But there are 2 questions in my mind
> - In this case, we cannot provide the offline access of the user data
> - The secret is still stored in the memory of the application
> Team, any similar use case encounter before?
> Thanks and Regards,
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
+33 6 40 25 42 81
OWASP Leader (Morocco Chapter)
Enterprise Security Architect
Mile2 Senior Master Instructor
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders