Air apps also have available an EncryptedLocalStore http://livedocs.adobe.com/labs/flex3/langref/flash/data/EncryptedLocalStore.html
----- Original Message ---- From: Scott Mulder <[EMAIL PROTECTED]> To: [email protected] Sent: Tuesday, January 15, 2008 10:55:37 AM Subject: RE: [flexcoders] Adobe AIR Disconnected storage with Credit Cards >From what I have figured out… Flex stores to a local db file that is accessible to any other flex app that is running on the local machine. Not secure. The only way you are going to get it to be secure (from my understanding) is to encrypt it yourself and develop a security routine yourself. Syncing with the server is either handled on your own, or if you use liveCycle or some other DTO with logic that does this automatically. There are some good tutorials on doing this with Java and LiveCycles, but I don’t have much access to my server and don’t know how to tell if I have LiveCycles installed (or knowledge of Java) so I have been writing a custom sync routine that happens whenever a record is saved that sends all unsynced records (“UPDATED”, “DELETED”, “NEW”) to the FDS gateway into a ColdFusion Service. I am also going to use GUIDs to insure that the info is unique. You’ll want to clear the CCs out of your local SQLite db manually if you intend to store it the way I’m doing it. If I’m wrong someone correct me. Scott From: [EMAIL PROTECTED] ups.com [mailto:flexcoders@ yahoogroups. com] On Behalf Of George Sent: Tuesday, January 15, 2008 1:33 PM To: [EMAIL PROTECTED] ups.com Subject: Re: [flexcoders] Adobe AIR Disconnected storage with Credit Cards For me I would never try to store sensitive private information anywhere as user don't know. I would ask to input credit cards information once again when getting back online. George Jeff Krueger wrote: > Paul, > > Thanks. Yes I was thinking about something close to that. Of course when the CC is entered you can do the check digit to make sure the number is valid. I have a good background in Flex all the way back to flex 1.5. I haven't started with AIR yet, but I am thinking so I put the CC into the value object and attempt to call my webservice to actually do the charge. I am looking for details about how the application handles the fact it can't get to the webservice. What is AIR doing being the scene to "save" that so it can resend it when a connection is available again. Yes if I encrypt the CC before putting it into the value object that helps, but I still have to answer the question for the auditors of where is the encrypted information stored. Is it purged after the connection is reestablished, etc. So in a perfect world maybe there is a flag for a field in AIR that if it has to store it for a temp time that it will encrypt it. I am just having > a hard time finding out the low level details of how this is supported (The store and forward). > > Thanks > > Jeff > > <!-- #ygrp-mkp{ border:1px solid #d8d8d8;font-family:Arial;margin:14px 0px;padding:0px 14px;} #ygrp-mkp hr{ border:1px solid #d8d8d8;} #ygrp-mkp #hd{ color:#628c2a;font-size:85%;font-weight:bold;line-height:122%;margin:10px 0px;} #ygrp-mkp #ads{ margin-bottom:10px;} #ygrp-mkp .ad{ padding:0 0;} #ygrp-mkp .ad a{ color:#0000ff;text-decoration:none;} --> <!-- #ygrp-sponsor #ygrp-lc{ font-family:Arial;} #ygrp-sponsor #ygrp-lc #hd{ margin:10px 0px;font-weight:bold;font-size:78%;line-height:122%;} #ygrp-sponsor #ygrp-lc .ad{ margin-bottom:10px;padding:0 0;} --> <!-- #ygrp-mlmsg {font-size:13px;font-family:arial, helvetica, clean, sans-serif;} #ygrp-mlmsg table {font-size:inherit;font:100%;} #ygrp-mlmsg select, input, textarea {font:99% arial, helvetica, clean, sans-serif;} #ygrp-mlmsg pre, code {font:115% monospace;} #ygrp-mlmsg * {line-height:1.22em;} #ygrp-text{ font-family:Georgia; } #ygrp-text p{ margin:0 0 1em 0;} #ygrp-tpmsgs{ font-family:Arial; clear:both;} #ygrp-vitnav{ padding-top:10px;font-family:Verdana;font-size:77%;margin:0;} #ygrp-vitnav a{ padding:0 1px;} #ygrp-actbar{ clear:both;margin:25px 0;white-space:nowrap;color:#666;text-align:right;} #ygrp-actbar .left{ float:left;white-space:nowrap;} .bld{font-weight:bold;} #ygrp-grft{ font-family:Verdana;font-size:77%;padding:15px 0;} #ygrp-ft{ font-family:verdana;font-size:77%;border-top:1px solid #666; padding:5px 0; } #ygrp-mlmsg #logo{ padding-bottom:10px;} #ygrp-vital{ background-color:#e0ecee;margin-bottom:20px;padding:2px 0 8px 8px;} #ygrp-vital #vithd{ font-size:77%;font-family:Verdana;font-weight:bold;color:#333;text-transform:uppercase;} #ygrp-vital ul{ padding:0;margin:2px 0;} #ygrp-vital ul li{ list-style-type:none;clear:both;border:1px solid #e0ecee; } #ygrp-vital ul li .ct{ font-weight:bold;color:#ff7900;float:right;width:2em;text-align:right;padding-right:.5em;} #ygrp-vital ul li .cat{ font-weight:bold;} #ygrp-vital a{ text-decoration:none;} #ygrp-vital a:hover{ text-decoration:underline;} #ygrp-sponsor #hd{ color:#999;font-size:77%;} #ygrp-sponsor #ov{ padding:6px 13px;background-color:#e0ecee;margin-bottom:20px;} #ygrp-sponsor #ov ul{ padding:0 0 0 8px;margin:0;} #ygrp-sponsor #ov li{ list-style-type:square;padding:6px 0;font-size:77%;} #ygrp-sponsor #ov li a{ text-decoration:none;font-size:130%;} #ygrp-sponsor #nc{ background-color:#eee;margin-bottom:20px;padding:0 8px;} #ygrp-sponsor .ad{ padding:8px 0;} #ygrp-sponsor .ad #hd1{ font-family:Arial;font-weight:bold;color:#628c2a;font-size:100%;line-height:122%;} #ygrp-sponsor .ad a{ text-decoration:none;} #ygrp-sponsor .ad a:hover{ text-decoration:underline;} #ygrp-sponsor .ad p{ margin:0;} o{font-size:0;} .MsoNormal{ margin:0 0 0 0;} #ygrp-text tt{ font-size:120%;} blockquote{margin:0 0 0 4px;} .replbq{margin:4;} -->
