语言

Menu
Sites
Language
Secure Local storage - how to

I am trying to make a tv web app where i need local data to be stored.

It is critical info and i dont want other apps to access or corrupt it.

I read W3C WebStorage API is very weak in security. It doesn’t provide private storage. Don’t use WebStorage for security or privacy related data.

 

So what exactly is the better option in Tizen ?'

I have to store key value pair and size of data is very small.
 

列表

响应

1 回复
Iqbal Hossain

Hi~ 

Please read about the web storage security

1. http://stackoverflow.com/questions/3718349/html5-localstorage-security

2. http://softwareengineering.stackexchange.com/questions/74155/how-secure-is-localstorage

My suggestion:

You can make your whole data a json and encrypt with a password. And then store. 

You can use Stanford Javascript Crypto Library for encryption/decryption. 

For Ex, 


var yourJson = {"employees":[
    {"firstName":"John", "lastName":"Doe"},
    {"firstName":"Anna", "lastName":"Smith"},
    {"firstName":"Peter", "lastName":"Jones"}
]};

var stringData = JSON.stringify(yourJson);

//encryption
var dataTobeStored = sjcl.encrypt("YourPassword", stringData);

//storing to local storage
localStorage.setItem("YOUR_KEY_FOR_SAVING", dataTobeStored);

// retrieve from local storage
var storedEncryptedData = localStorage.getItem("YOUR_KEY_FOR_SAVING");

// decrypt
var storedStringData = sjcl.decrypt("YourPassword", "storedEncryptedData");

var yourJsonAgain = JSON.parse(storedStringData);

SJCL Ref: http://bitwiseshiftleft.github.io/sjcl/

SJCL Demo: http://bitwiseshiftleft.github.io/sjcl/demo/

Hope it will help you! 

Cheers