以安全格式存储游戏偏好和保存的游戏 [英] Storing game preferences and saved games in a secure format
问题描述
这是来自 Apple 文档:
This is from Apple docs:
当您设计一款向 Game Center 报告分数的游戏时,您应该还要考虑游戏的安全需求.你想要分数向游戏中心报告,以准确记录玩家如何是做.这里有两个建议:
When you design a game that reports scores to Game Center, you should also consider the security needs of your game. You want scores reported to Game Center to be an accurate accounting of how players are doing. Here are two suggestions:
以安全的格式存储您的游戏偏好和保存的游戏,而不是明文.如果您的游戏数据以明文形式存储文本,玩家可以使用iTunes下载保存的游戏数据,修改它,并将其重新同步回设备.这可能会让玩家获得比您预期更高的分数.始终设置合理排行榜的最小值和最大值.
Store your game’s preferences and saved games in a secure format, rather than in clear text. If your game’s data is stored in clear text, a player can download the saved game data using iTunes, modify it, and resync it back to the device. This may allow the player to achieve a higher score than you intended. Always set reasonable minimum and maximum values for a leaderboard.
我知道数据可以存储到 .plist 文件或 .xml 或 .json,即使在数据库中.但所有这些都是未加密的纯文本.什么被认为是安全格式?还有哪些方法/类/技术可用于存储敏感数据?
I know that data can be stored into .plist file or .xml or .json, even in a database. But all of that is non-encrypted plain text. What is considered as a secure format ? And what else methods/classes/techniques can be used to store sensitive data ?
推荐答案
如果黑客有足够的决心并拥有适当的技能,那么无论采用何种存储方式,您存储的数据通常都会受到损害.它归结为您的应用程序的实际应用程序是什么,以及您愿意为保护数据安全而投入的时间和精力.以下是一些可供您考虑的选项:
If a hacker is determined enough and has the proper skill set, your stored data can be usually compromised regardless of storage method. It boils down to what your app's real-world applications are and the time and effort you are willing to put into keeping the data safe. Below are some options for you to consider:
NSUserDefaults
存储数据的最常见和最简单的方法之一.数据未加密.
One of the most common and simplest ways to store data. Data is not encrypted.
Plist 文件
也是一种常用的数据存储方式.数据未加密.
Also a common way to store data. Data is not encrypted.
核心数据
创建模型,管理不同类型对象之间的关系.默认情况下,数据未加密.
Creates a model, manage relationship between different types of objects. By default, data is not encrypted.
http://www.appcoda.com/introduction-to-core-数据/
http://www.raywenderlich.com/85578/first-core-data-app-using-swift
钥匙串
可以说是在非越狱设备上存储数据的最安全方式.数据已加密.
Arguably the most secure way to store data on a non-jailbroken device. Data is encrypted.
https://stackoverflow.com/questions/16459879/how-to-store-a-string-in-keychain-ios
NSCoding
正如 Whirlwind 指出的,这是另一种存储方法.
As Whirlwind pointed out, this is yet another storage method.
http:///www.raywenderlich.com/1914/nscoding-tutorial-for-ios-how-to-save-your-app-data
http://nshipster.com/nscoding/
CommonCrypto Apple 框架
低级 C 编码.数据已加密.
Low-level C coding. Data is encrypted.
https://developer.apple.com/library/ios/samplecode/CryptoExercise/Listings/ReadMe_txt.html
自定义方法
将数据存储在云端,从而完全避免将其保存在设备上.使用 Touch ID 功能对用户进行身份验证并下载云数据.
Store the data in the cloud thereby eliminate having it on the device altogether. Use the touch ID feature to authenticate the user and download the cloud data.
http://code.tutsplus.com/tutorials/ios-8-integrating-touch-id--cms-21949
https://developer.apple.com/library/ios/samplecode/KeychainTouchID/Introduction/Intro.html
这篇关于以安全格式存储游戏偏好和保存的游戏的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
