Using Amazon S3 API For iPhone
I'm able to upload files from iPhone using ASIHTTPRequest wrapper for an application which allows simple storage to my account. The question i'm concerned about is, could distributing the acc开发者_运维技巧ess keys along with the application be a good idea? what is the best way to deal with it in terms of security? are the keys i use sniffable via monitors over https? any suggestions over it will be appreciated.
I upload files to a server (using ASIHTTPRequest) and then from the server to an AWS account for this very reason. I can control the security on the server much easier than I can on devices. Plus, if I need to change the keys I can do it on the server very quickly.
This will add another layer to your application but I think it's well worth it.
You can also check out this post Architectural and design question about uploading photos from iPhone app and S3
精彩评论