Thanks to every one :-) Yes, TLS with good set of cihper suites should help.
Regards, Prakash On Jul 22, 10:22 pm, Marc-André Laverdière <marcandre.laverdi...@gmail.com> wrote: > It looks like TLS with a trust store would be the way to go. Better > than to roll your own. > > Marc-André LAVERDIÈRE > "Perseverance must finish its work so that you may be mature and > complete, not lacking anything." -James 1:4 > mlaverd.theunixplace.com/blog > > /"\ > \ / ASCII Ribbon Campaign > X against HTML e-mail > / \ > > 2010/7/22 Prakash Rao <prakashrao1...@gmail.com>: > > > > > Thanks for the response... > > > I was just going through various protocol buffer discussion forum > > topics and found the below one which talks about putting a signature > > in proto object and do a validation before processing the payload. I > > believe this is what you guys are referring to when you say "add HMAC > > to your proto messages". Yes, this is something simple that can be > > tried out. > > >http://groups.google.com/group/protobuf/browse_thread/thread/a3a2742b... > > > We have SSL for our http communication and we allow communication from > > client only if server certificate is imported in the client keystore. > > I'm just curious to find out best possible ways to avoid my proto > > object data tampering (in case of man in the middle of attack) > > especially when server is in public domain (internet). > > > Regards, > > Prakash > > > On Jul 22, 9:36 am, Marc-André Laverdière > > <marcandre.laverdi...@gmail.com> wrote: > >> Protobuf allows you to build your conceptual protocol the way you want it. > >> If you want security features on top of it, you can either add it to > >> your messages, or you can use a secure network layer that does the > >> work for you. Its your call. > >> Personally, I'm against reinventing the wheel, so I use protobuf over > >> TLSv1 with a good set of cipher suites configured :) > > >> Marc-André LAVERDIÈRE > >> "Perseverance must finish its work so that you may be mature and > >> complete, not lacking anything." -James 1:4 > >> mlaverd.theunixplace.com/blog > > >> /"\ > >> \ / ASCII Ribbon Campaign > >> X against HTML e-mail > >> / \ > > >> 2010/7/21 Prakash Rao <prakashrao1...@gmail.com>: > > >> > Is there a way to add security layer to protocol buffer if I'm writing > >> > my proto objects to https output stream? In java we have sealed > >> > objects and we can have signature attached to it to make sure objects > >> > are not tampered on the receiving end. Is there something similar in > >> > protocol buffer as well? > > >> > I’m just trying understand what all different options that protocol > >> > buffer provides as far security is concerned when compared to web > >> > services to make sure data is not tampered. Web services comes with > >> > good security models (such XML signature, SAML) to make sure data is > >> > not tampered. > > >> > Regards, > >> > Prakash > > >> > -- > >> > You received this message because you are subscribed to the Google > >> > Groups "Protocol Buffers" group. > >> > To post to this group, send email to proto...@googlegroups.com. > >> > To unsubscribe from this group, send email to > >> > protobuf+unsubscr...@googlegroups.com. > >> > For more options, visit this group > >> > athttp://groups.google.com/group/protobuf?hl=en.-Hide quoted text - > > >> - Show quoted text - > > > -- > > You received this message because you are subscribed to the Google Groups > > "Protocol Buffers" group. > > To post to this group, send email to proto...@googlegroups.com. > > To unsubscribe from this group, send email to > > protobuf+unsubscr...@googlegroups.com. > > For more options, visit this group > > athttp://groups.google.com/group/protobuf?hl=en.- Hide quoted text - > > - Show quoted text - -- You received this message because you are subscribed to the Google Groups "Protocol Buffers" group. To post to this group, send email to proto...@googlegroups.com. To unsubscribe from this group, send email to protobuf+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/protobuf?hl=en.