On Aug 29, 2008, at 7:36 PM, Charles E. Heizer wrote:
Hello,
I'm looking for a little help in trying to figure out the best
approach to
securing the communications of my application.
I have a small agent which has a scheduler in it right now that
kicks off
jobs as defined. But what I want to do now is add a listener to my
client so
that I can send commands from a central server.
I have played with a few of the client server examples and have
started to
grasp the whole thing but before I get to far down the road I would
like to
know how/best way to secure the communication/command from the
server to the
client to prevent man-in-the-middle etc...
Your question is basically impossible to answer without a more clearly
defined threat model. I don't mean to be dismissive, but this is a
tough problem. For example, do you want to protect against rogue
processes running on the same machine? That's not currently possible
in REALbasic because of problems with the FolderItem class. Actually,
it's possible, but not too feasible -- I don't know a way to securely
create temp files without doing it entirely using C functions.
Encrypted communication is mostly a solved problem, depending on the
problem.
Surely there are people at llnl.gov that understand this sort of
thing :)
Charles Yeomans
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives:
<http://support.realsoftware.com/listarchives/lists.html>
|