[Year 12 SofDev] SD exam - C8 security protocols
Fitzsimmons B.
Fitzsimmons.Brett at westbourne.vic.edu.au
Wed Nov 16 14:52:39 AEDT 2016
I’m guessing the answer is mobile VPN and ‘end-to-end’ encryption.
From: sofdev-bounces at edulists.com.au [mailto:sofdev-bounces at edulists.com.au] On Behalf Of Mark
Sent: Wednesday, 16 November 2016 2:37 PM
To: Year 12 Software Development Teachers' Mailing List <sofdev at edulists.com.au>
Subject: [Year 12 SofDev] SD exam - C8 security protocols
Hi, greyhats and greybeards. I need help.
C8 is asking about protocols for the mobile devices with the app to send this information as securely as possible.
I'm no mobile phone technology whizkid, so I hope someone can clarify things for me.
The case study makes no reference to how the phones send data from the app to the SBH system.
The phone would be using 3G or 4G technology - does the app designer have any control over 3G/4G communication security?
Is C8 assuming the app's data will go over 3G/4G using HTTP with SSL or TLS encryption? (This is what I assume the Q is fishing for.)
Or could the data go from the phone over 3G/4G using a different protocol entirely, such as text messaging (does that use HTTP?) or something I've never even heard of (which is very, very likely).
What security protocols do phone companies use to get data from mobile towers to their destinations?
Surely not all data sent by all apps over mobile phone connections uses HTTP/HTTPs. Or is it?
When you get an Angry Birds high score on your phone, is that data sent to Rovio over HTTP? Is it sent to your phone company using one protocol, then to Rovio with a different protocol?
Apart from SSL/TLS (or pre-encryption of entire data files using an RSA variant), what protocol can a phone app use to send information as securely as possible?
I have no idea.
Thanks in advance if you have a clue. I'd be keen to learn about this newfangled technobother.
I just hope the kids in the exam were not expected to be mobile telecommunications engineering experts.
I shall do research in the interim. My ignorance of this field is becoming increasing obvious to us all.
Mark
--
Mark Kelly
mark at vceit.com<mailto:mark at vceit.com>
http://vceit.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.edulists.com.au/pipermail/sofdev/attachments/20161116/f7a69e37/attachment.html
More information about the sofdev
mailing list