• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Do we need to apply security in message level in mobile appliaction call secure web service?

 
Ranch Hand
Posts: 42
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Do we need to apply security in message level in e-commerce mobile appliaction call secure web service, since messages contains sensetive data?

or using SSL is quite enough and suffiecent?

please advise
thanks.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Not knowing your application, we can't say for sure what needs to be done, and what might or might not be sufficient. But seeing "e-commerce" there, it sure sounds to me like you need to be very conscious of security in all its facets.

SSL has really become obsolete for web services; the standard way is to use the WS-Security standard, which all major WS toolkits support. I'm not sure what's available for a mobile JVM, though - are you talking about Android, JME or something else?
 
reply
    Bookmark Topic Watch Topic
  • New Topic