Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Do we need to apply security in message level in mobile appliaction call secure web service?  RSS feed

 
tarek helmy
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Do we need to apply security in message level in e-commerce mobile appliaction call secure web service, since messages contains sensetive data?

or using SSL is quite enough and suffiecent?

please advise
thanks.
 
Ulf Dittmer
Rancher
Posts: 42972
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Not knowing your application, we can't say for sure what needs to be done, and what might or might not be sufficient. But seeing "e-commerce" there, it sure sounds to me like you need to be very conscious of security in all its facets.

SSL has really become obsolete for web services; the standard way is to use the WS-Security standard, which all major WS toolkits support. I'm not sure what's available for a mobile JVM, though - are you talking about Android, JME or something else?
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!