pmilosev - Developer IT

Search Results

Search found 2 results on 1 pages for 'pmilosev'.

Page 1/1 | 1

iphone: is there any secure way to establish 2-way SSL from an application

- by pmilosev

Hi I need to establish a HTTPS 2-way SSL connection from my iPhone application to the customer's server. However I don't see any secure way to deliver the client side certificates to the application (it's an e-banking app, so security is really an issue). From what I have found so far the only way that the app would be able to access the certificate is to provide it pre-bundeled with the application itself, or expose an URL from which it could be fetched (http://stackoverflow.com/questions/2037172/iphone-app-with-ssl-client-certs). The thing is that neither of this two ways prevent some third party to get the certificate, which if accepted as a risk eliminates the need for 2-way SSL (since anyone can have the client certificate). The whole security protocol should look like this: - HTTPS 2-way SSL to authenticate the application - OTP (token) based user registration (client side key pair generated at this step) - SOAP / WSS XML-Signature (requests signed by the keys generated earlier) Any idea on how to establish the first layer of security (HTTPS) ? regards

Read the article

iphone - how to properly handle exceptional situations (signals ?)

- by pmilosev

Hi In my iphone app, I want to provide some sort of app termination handler that will do some final work (delete some sensitive data) before the application terminates. I want to handle as much of the termination situations as possible: 1) User terminates the app 2) The device runs out of battery 3) The system terminates the app due to some reason (e.g. out of memory or app freeze) 4) Application crashes (EXC_BAD_ACCESS or SIGSEGV) Any other exceptional situation ? What is the best way to achieve this (e.g. is applicationWillTerminate method called in situation 2) ? Is it possible to do the cleanup in a signal handler (includes iPhone Security framework calls) ? regards