How to secure HTTP Post services called from an iPhone app?

I'm currently developing an iPhone application which implies a server side with some services on it. I did this server side using php and I call the services with a basic HTTP Request from t开发者_StackOverflow中文版he iPhone. I don't have any idea on how to secure that kind of call and to make sure that my services are being called only from my iPhone app and not from somewhere else... Should I change my services to a standard procedure like SOAP or REST services?

Thank you for your advice.

Martin

In short, there's no 100% foolproof way to make sure that the services are only being called by your app.

In longer, if you connect over SSL (ie, use https), it will become much harder for "casual" observers to see what's going on… But it would still be possible for someone to, for example, use an HTTPS proxy and sniff the connection that way.

You could also use a method like oAuth, where there's a secret token hidden in the source code of your application, and it uses that token to authenticate its communication… But, again, it wouldn't be too hard for someone to spend an evening reverse engineering your app to extract that token.