- Windows* MUI 8/8.1/10
- Windows* desktop
This version of the App Security API introduces three major scopes: secure data (data-in-use), secure storage (data-at-rest) and secure transport (data-in-move). It is primarily an introduction of the concept and the delivery of this new API collection with the Intel® XDK (http://xdk-software.intel.com/) , a Cordova plugin (https://github.com/01org/AppSecurityApi), or a Crosswalk extension (https://github.com/01org/AppSecurityApi/tree/master/windows_crosswalk). You can start to build applications with the App Security API plugin, learn about the API collection using this documentation and the sample applications (https://software.intel.com/en-us/html5/articles/my-private-notes-sample and https://software.intel.com/en-us/xdk/article/my-private-photos-sample), and try to integrate the App Security API plugin in your applications.
You can use these API anywhere in the application. Here are several usage examples
- A game keeps a score for a player. Suppose players get credits and promotions based on their score. You can maintain the score as secure data while the game is being played and save it as secure storage when the game is closed.
- A personal note application stores all data on the web. To improve performance, while maintaining confidentiality, you can download the data (requested by the user) from the web and cache it using secure storage on the device. Next time it is used, the application can read it from the device and does not need to access the web.
- An application uses access and authentication to a cloud backend. To keep the communication alive it uses a token that was created by the backend. The application can cache the token using secure storage, and send the token securely to the backend using secure transport.
The API are grouped in ‘mega-functions’ (namespace), each mega-function includes a collection of API within the scope of functionality. This version of the App Security API is primarily targeting the introduction of the new API, you can take advantage of capabilities that are on par with the capabilities of the platform and operating system. The API is built in a way that can be extended, while maintaining a solid API layer. Future extensions may include:
- Improved security of the middleware implementation, using hardware technologies and advanced software techniques.
- Wider scope of API, adding mega-functions, such as secure identity, or secure input/output.
Collection of API that provide data in-use protection and data sealing support. Enables creating, managing and using a data stream object in memory. Access to this object is done via an instance ID. Sensitive object properties and sensitive content are hidden.
Collection of API that provide data at-rest protection. Enables storing and retrieving data objects using non-volatile storage.
Collection of API that provide client-server HTTPS communication enhanced protection. Enables sending secure data elements within regular data to trusted remote servers.
- Common Data Structures
Common data structures used within the different API.
- Frequently Asked Questions
App Security API frequently asked questions.
- Code snippets
App Security API code snippets.
Protect connection tokens, to address ‘Man in the Cloud’ attacks.
Use Secure Data API to protect the confidentiality of the authentication token in memory.
Secure your locally cached data with low-level cryptography protections.
Use Secure Storage API to protect the data saved on the device.