为多人游戏获得良好的安全性 [英] get a good security for multiplayer game

问题描述

我用eclipse做了一个游戏.我有一个服务器程序和一个客户端程序.客户端使用套接字与服务器通信.如果客户端启动，它会将其用户名和密码发送到服务器.如果组合存在，则客户端可以与服务器通信.客户端不断读取游戏中其他人的关卡，不断发送自己的关卡.

I made a game using eclipse. I have a server program and a client program. The clients communicate with the server using sockets. If the client starts it sends its username and password to the server. If the combination exists, the client can communicate with the server. and the client constantly reads the levels of other people in the game and constantly sends its own level.

我的问题:我如何保护密码或它已经安全了?客户端可以不只是制作自己的java程序并使用现有的用户名和密码与服务器通信，然后发送例如他是100级.如果是如何解决这个问题?我还有什么需要保护的吗?

my questions: How can i secure the passwords or is it already safe? Can a client not just make his own java program and use an existing username and password to communicate with the server and than send for example that he is 100 levels up. If yes how to solve this? Are there any other things I need to secure?

推荐答案

在服务器程序中保持敏感状态并让客户端请求当前值.然后你在服务器上控制它.

Keep the sensitive state in the server program and have the client request the current value. Then you control it at the server.

如果某人拥有有效的凭据，那么他们就可以执行您的协议允许用户在其上下文中执行的任何操作.这是您必须从服务器程序控制的事情，以防止客户端的意外操作影响整体完整性.

If someone has valid credentials, then they are able to do whatever your protocol permits the user to do within their context. This is something you must control from the server program to prevent unintended operations by the client from impacting on overall integrity.

这篇关于为多人游戏获得良好的安全性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！