Web Services only connecting to Trusted Devices

views:

answers:

Web Services only connecting to Trusted Devices

I am on a project that uses web services to communicate with hand held devices (Symbol MC70s running windows mobile 5).

We need to make sure that others on the internet can't connect to the web services and start sending info.

I have made a certificate so that the hand held will only connect to my services, but I don't know how to make sure that my services will only connect to my hand held devices.

My app is coded in the .NET Compact Framework and I am using Visual Studio 2008 SP1. My services are hosted in IIS and are coded with WCF in C# (.NET 3.5 sp1).

Any ideas?

When you say that you've "... made a certificate so that the hand held will only connect to my services", are you saying that the device uses https to the web service or that the device is locked down to only connect to the web service http URL?

Anyway, if you are concerned about the data pulled from the web service, you could encrypt it with a key known to your device.

Johann Gerell 2010-01-07 23:16:55

Yes they use HTTPS. And I am not so much concerned about data pulled from the services as data sent back to the services. If bad data is uploaded it could cause me issues...

Vaccano 2010-01-08 00:21:42

Then protect the uploaded data with a known key.

Johann Gerell 2010-01-08 08:26:43

Password-protect the services. Alternatively, authenticate the client by the client SSL certificate and issue those to your users.

No way to lock access down to a specific device. A device can be spoofed fairly easily.

Seva Alekseyev 2010-01-07 23:28:25

ansaurus

tags:

views:

answers:

Web Services only connecting to Trusted Devices

related questions