4
I’m making an application where I need to securely send user data to the Web Service using PHP. For this, I’m researching security for iOS.
What is the recommended method and what are the points I should be concerned about?
Please preferably quote references to documents or security tutorials.
3
For an initial search, I suggest you start reading this document: iOS Security Guide (in English)
Before sending (offline storage), starting from page 9: Encryption and Data Protection
Sending the data, start from page 23: Network Security
Now that the question has been edited, I understand that you probably want to interact with the server using HTTP GET or POST via TLS (also known as HTTPS).
In that case, I suggest you follow the Apple specification on this link: Making HTTP and HTTPS Requests (in English)
From the security aspect, you will notice that iOS does not support DNSSEC. If you base your system’s security solely on what the vendor’s API offers, you’re at risk. You need to first choose the communication protocol, and base your needs around it.
For not citing references, consider my recommendations as opinions. Mainly because some of them are optional, others are not practical, and some are not necessary. In short, it depends on several factors.
Browser other questions tagged ios web-service objective-c security-guard cryptography
You are not signed in. Login or sign up in order to post.
The link you recommended is good, but it’s an Apple post of how their services work with Security. I would like something more specific about sending and receiving data to a back-end.
– Tiago Amaral
When you said "to be sent," I understood it as being before you sent the data. In the case of "sending" or "sending to the server", it would start from page 23, Network Security. Then I would choose one of the methods listed there, and focus on finding specific tutorials (to avoid too broad a response in Stack Overflow).
– Marcos Zolnowski