[Owasp-leaders] Mobile Encryption

Azzeddine Ramrami azzeddine.ramrami at owasp.org
Thu Dec 27 10:48:24 UTC 2012


You can use IBE (Identity Based Encryption) scheme and full disk encryption
to achieve your needs.
If you need more info on IBE and/or full disk encryption I can help you.
Regards,
Azzeddine RAMRAMI


On Thu, Dec 27, 2012 at 11:33 AM, Ala'a Mubaied <alaa.mubaied at owasp.org>wrote:

> Hey Leaders
>
> I am working with the mobile application team on designing the One Sync
> Solutions for all devices. The biggest challenge here is how to store the
> user data in the client side.
>
> Basically, the idea is to encrypt the data in the client side by assigning
> a secret to each user, and the secret is stored in the server side only.
> Whenever the client application read the local storage, it requires to get
> the secret key from the server by user authentication through https
> connection. But there are 2 questions in my mind
>
>    - In this case, we cannot provide the offline access of the user data
>    - The secret is still stored in the memory of the application
>
> Team, any similar use case encounter before?
>
> Thanks and Regards,
>
> Ala'a
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


-- 
Azzeddine RAMRAMI
+33 6 40 25 42 81
OWASP Leader (Morocco Chapter)
Enterprise Security Architect
Mile2 Senior Master Instructor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20121227/0a38165b/attachment.html>


More information about the OWASP-Leaders mailing list