For up-to-date product documentation, see the IBM MobileFirst Foundation Developer Center.


JSONStore security utilities overview

The MobileFirst client-side API provides some security utilities to help protect your user's data. Features like JSONStore are great if we want to protect JSON objects. However, it is not recommended to store binary blobs in a JSONStore collection.

Instead, store binary data on the file system, and store the file paths and other metadata inside a JSONStore collection. If we want to protect files like images, we can encode them as base64 strings, encrypt it, and write the output to disk. When it is time to decrypt the data, we can look up the metadata in a JSONStore collection, read the encrypted data from the disk, and decrypt it using the metadata that was stored. This metadata can include the key, salt, Initialization Vector (IV), type of file, path to the file, and others.

At a high level, the SecurityUtils API provides the following APIs:

Parent topic: JSONStore security utilities