I want to write a mobile application t开发者_StackOverflowo access a database that is currently held on our LAN and accessed by an application on the network. I know that I can open a port in our firewall to redirect the traffic from the mobile device to the database but I a concerned about the security.
What ways could I consider to provide secure mobile access to the database while still allowing access from the local network application?
What I would do in this situation is provide an interface like WCF (REST/JSON/etc.) to the database for your mobile users. Eventually you could even convert over to using that for the LAN and the web. The result would be even better security all around.
Here are some examples of how to do this:
Java RESTful Web Services Guide - http://www.oracle.com/technetwork/articles/javase/index-137171.html
WCF Guide - http://msdn.microsoft.com/en-us/netframework/dd939784
Overview of SOAP - http://www.w3schools.com/soap/default.asp
As Firebird provides a number of connectivity options (JDBC, .Net, Python) you have a lot of choice/flexibility about how you deploy your web service interface. I would look into AXIS if you are thinking of deploying with Java (http://axis.apache.org/axis/) or WCF if .Net (http://msdn.microsoft.com/en-us/library/dd203052.aspx) Whether you go for a RESTful or SOAP/XML-RPC interface depends largely on what functionality to you want to expose and to whom. A public API that you want to make available to a broad audience would probably work best as a RESTful interface (think, Twitter, Flickr etc.) if it was a closed/proprietary interface you would probably go down the SOAP route. However, mobile app development frameworks are broadly better at consuming RESTful web services than SOAP in my experience. With native iPhone apps I believe you have to roll your own SOAP interface. Some of the app accelerator tools have both SOAP and REST client support.
精彩评论