Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
305 views
in Technique[技术] by (71.8m points)

ios - Storing game preferences and saved games in a secure format

This is from Apple docs:

When you design a game that reports scores to Game Center, you should also consider the security needs of your game. You want scores reported to Game Center to be an accurate accounting of how players are doing. Here are two suggestions:

Store your game’s preferences and saved games in a secure format, rather than in clear text. If your game’s data is stored in clear text, a player can download the saved game data using iTunes, modify it, and resync it back to the device. This may allow the player to achieve a higher score than you intended. Always set reasonable minimum and maximum values for a leaderboard.

I know that data can be stored into .plist file or .xml or .json, even in a database. But all of that is non-encrypted plain text. What is considered as a secure format ? And what else methods/classes/techniques can be used to store sensitive data ?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

If a hacker is determined enough and has the proper skill set, your stored data can be usually compromised regardless of storage method. It boils down to what your app's real-world applications are and the time and effort you are willing to put into keeping the data safe. Below are some options for you to consider:

NSUserDefaults

One of the most common and simplest ways to store data. Data is not encrypted.

Save string to the NSUserDefaults?

Plist Files

Also a common way to store data. Data is not encrypted.

Storing and Retrieving from a Plist

CoreData

Creates a model, manage relationship between different types of objects. By default, data is not encrypted.

http://www.appcoda.com/introduction-to-core-data/

http://www.raywenderlich.com/85578/first-core-data-app-using-swift

Keychain

Arguably the most secure way to store data on a non-jailbroken device. Data is encrypted.

https://stackoverflow.com/questions/16459879/how-to-store-a-string-in-keychain-ios

NSCoding

As Whirlwind pointed out, this is yet another storage method.

http://www.raywenderlich.com/1914/nscoding-tutorial-for-ios-how-to-save-your-app-data

http://nshipster.com/nscoding/

CommonCrypto Apple Framework

Low-level C coding. Data is encrypted.

https://developer.apple.com/library/ios/documentation/Security/Conceptual/cryptoservices/GeneralPurposeCrypto/GeneralPurposeCrypto.html

https://developer.apple.com/library/ios/samplecode/CryptoExercise/Listings/ReadMe_txt.html

Custom approaches

Store the data in the cloud thereby eliminate having it on the device altogether. Use the touch ID feature to authenticate the user and download the cloud data.

http://code.tutsplus.com/tutorials/ios-8-integrating-touch-id--cms-21949

https://developer.apple.com/library/ios/samplecode/KeychainTouchID/Introduction/Intro.html


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...