Difference between revisions of "Native App"

From MgmtWiki
Jump to: navigation, search
(References)
(References)
Line 19: Line 19:
  
 
==References==
 
==References==
 +
#[[Native App Security]]
 +
#[[Native App Privacy]]
 
#IETF RFC 8252 ''OAuth 2.0 for Native Apps'' https://tools.ietf.org/html/bcp212#section-7.2
 
#IETF RFC 8252 ''OAuth 2.0 for Native Apps'' https://tools.ietf.org/html/bcp212#section-7.2
 
#Apple ''App Store Review Guidelines'' https://developer.apple.com/app-store/review/guidelines/
 
#Apple ''App Store Review Guidelines'' https://developer.apple.com/app-store/review/guidelines/
  
 
[[Category:Glossary]]
 
[[Category:Glossary]]

Revision as of 10:42, 19 August 2018

Full Title or Meme

A digital Entity that is operating on a User Device, but is typically supplied by the Web Site or some Federation.

Context

  • When discussing the use of the internet by a user, what is really meant is the presence of the user's agent on an internet connection.
  • Typically the Native App will run on a User Device in the user's physical possession, but it is possible that the agent is running on a service in The Cloud.
  • The Native App may act like a browser and supply an HTTP user agent string, but it should not be considered to be a User Agent.

Problems

  • Nearly any application running on a user's device is allowed to access the internet and claim that it represents the user. There is no built-in mechanism to test this assertion by an internet connected service. The internet was designed to connect computer systems, and that is all it can be relied upon to do.
  • Any Web Site that wishes to create a Persistent Identifier for a User will need to take responsibility for any necessary Assurance that the Native App has not been compromised by an attacker.
  • Most of the larger enterprises operating on The Web prefer to supply a Native App to the users device to improve the User Experience for that site.
  • To be sure that the User's intent is expressed by the Native App appears to be an insurmountable obstacle.

Solutions

References

  1. Native App Security
  2. Native App Privacy
  3. IETF RFC 8252 OAuth 2.0 for Native Apps https://tools.ietf.org/html/bcp212#section-7.2
  4. Apple App Store Review Guidelines https://developer.apple.com/app-store/review/guidelines/