[Owasp-leaders] Mobile Encryption

Ala'a Mubaied alaa.mubaied at owasp.org
Thu Dec 27 11:43:48 UTC 2012


Thanks Azzeddine, could you please provide more details about IBE .

Regards,
Ala'a


On Thu, Dec 27, 2012 at 1:48 PM, Azzeddine Ramrami <
azzeddine.ramrami at owasp.org> wrote:

> You can use IBE (Identity Based Encryption) scheme and full disk
> encryption to achieve your needs.
> If you need more info on IBE and/or full disk encryption I can help you.
> Regards,
> Azzeddine RAMRAMI
>
>
> On Thu, Dec 27, 2012 at 11:33 AM, Ala'a Mubaied <alaa.mubaied at owasp.org>wrote:
>
>> Hey Leaders
>>
>> I am working with the mobile application team on designing the One Sync
>> Solutions for all devices. The biggest challenge here is how to store the
>> user data in the client side.
>>
>> Basically, the idea is to encrypt the data in the client side by
>> assigning a secret to each user, and the secret is stored in the server
>> side only. Whenever the client application read the local storage, it
>> requires to get the secret key from the server by user authentication
>> through https connection. But there are 2 questions in my mind
>>
>>    - In this case, we cannot provide the offline access of the user data
>>    - The secret is still stored in the memory of the application
>>
>> Team, any similar use case encounter before?
>>
>> Thanks and Regards,
>>
>> Ala'a
>>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>>
>
>
> --
> Azzeddine RAMRAMI
> +33 6 40 25 42 81
> OWASP Leader (Morocco Chapter)
> Enterprise Security Architect
> Mile2 Senior Master Instructor
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20121227/5a9c788c/attachment.html>


More information about the OWASP-Leaders mailing list