Concept question: What's an easy and secure way to save application settings in the cloud?

huangapple go评论57阅读模式
英文:

Concept question: What's an easy and secure way to save application settings in the cloud?

问题

首先,我想要实现的是什么。
想象一下一个移动应用程序,它有几个设置,我想将这些设置保存到云中的某个数据库,以防用户进行恢复出厂设置或更换新手机后希望导入/恢复先前的设置。

如果用户能够轻松地加载/保存应用程序设置,那将非常棒。对于这样的设置,最先进的操作方式是什么?是否真的需要用户名和密码来安全地加载/保存设置数据?这个过程应该尽可能简单,同时保持安全。

类似的现有回答已经有好几年了,技术发展迅速,所以我不知道给出的答案是否仍然适用于今天的最新开发。
我不指望得到一个完整的答案,但能提供一些我可以在网上查找的主要提示就行。
谢谢!

(我还没有尝试过任何实际操作,因为我首先想知道应该采取的方法,然后再着手去做。)

英文:

OK, first what I want to achieve.
Imagine a mobile application that has several settings, which I want to save to a database somewhere in the cloud, just in case the user does a factory reset or gets a new phone and then wants to import/restore the previously made settings.

It would be cool if loading/saving of application settings is easily achievable by the user.
What's the state-of-the-art proceeding for such a setup? Does it really require username & password to securely load/save settings data? This process should be as simple as possible while being secure.

Similar existing answers here are several years old and technology advances fast, so I don't know if the given answers still apply for today's state-of-the-art development.
I don't expect a full-fledged answer but giving a few major hints which I can look up on the web.
Thank you!

(I haven't tried anything practical yet as I would first like to know the way to go and afterwards go for it.)

答案1

得分: 0

由于您没有指定CSP,我将为您提供AWS和Azure的示例:

在AWS中,Cognito提供了一个用户目录服务,用于创建和管理用户身份。它支持已验证的和访客身份。您可以使用已验证的身份来维护用户帐户系统,或者使用访客身份来创建匿名用户系统。

如果您使用已验证的身份,Cognito可以进行用户名/密码登录,以及与Google、Facebook和Amazon的OAuth集成。对于匿名系统,它可以为用户创建一个唯一标识符,并将数据与该标识符关联起来。

您可以使用AWS DynamoDB进行数据存储。您可以将与用户的Cognito标识符相关联的用户设置保存在其中。

以下是流程示例:

  1. 应用程序启动。它从Cognito请求身份。如果用户已登录,它将使用该身份。如果没有,它将获取一个访客身份。

  2. 应用程序使用用户的Cognito标识符从DynamoDB中读取/写入用户的设置。

  3. 如果用户登录到帐户中,应用程序将请求Cognito将访客身份和相关数据合并到已登录的身份中。

在Azure的情况下,类似的服务将是Azure Active Directory B2C用于用户身份验证,Cosmos DB用于数据存储。工作流程将非常类似。

对于您来说,合适的解决方案可能会根据您的要求而有所不同。我会问的问题是用户的匿名性是否足够/必需。您是否需要在iOS/Android设备上进行设备备份?您是否需要加密存储的数据?是否需要使用QR码来同步数据?希望这对您有所帮助。

英文:

Since you're not specifying the CSP I will give you examples for AWS and Azure:

In AWS, Cognito provides a user directory service to create and manage user identities. It supports authenticated and guest identities. You can use authenticated identities to maintain a user account system or guest identities for an anonymous user system.

If you use authenticated identities, Cognito can do username/password logins and OAuth with Google, Facebook, and Amazon. For an anonymous system, it can create a unique identifier for your users and associate data with that identifier.

You can use AWS DynamoDB for data storage. You would save the user's settings associated with their Cognito identifier.

Here's an example of the flow:

  1. The app is started. It requests an identity from Cognito. If the user is logged in, it uses that identity. If not, it gets a guest identity.

  2. The app reads/writes the user's settings from/to DynamoDB using their Cognito identifier.

  3. If the user logs into an account, the app requests Cognito to merge the guest identity and associated data with the logged-in identity.

In the case of Azure, similar services would be Azure Active Directory B2C for user identity and Cosmos DB for data storage. The workflow would be very similar.

The right solution for you may be different depending on your requirements.
The question I would ask is whether the anonymity of the users is sufficient/required. Do you need to supplement it with device backups on iOS/Android devices? Do you need to encrypt the stored data? Is using QR codes for synchronizing data a requirement?

Hope this helps.

huangapple
  • 本文由 发表于 2023年6月8日 07:08:21
  • 转载请务必保留本文链接:https://go.coder-hub.com/76427620.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定