We are writing a corporate app which will run on a small number of in-house iPads. There will be a need to provide a number of (structurally identical) ‘setups’ on each iPad, and those setups will contain confidential data. My question is, what’s the best way of getting those setups securely onto a device (into the app’s private storage).
So far we’ve considered:
- Download from web. This is problematical because we’d have to do quite a lot of work to make this secure.
- QR codes. Render the setup as a QR code. We can generate and scan QR codes which represent the setups (they are quite small), but it looks like the available QR code APIs are either quite expensive or a little complex.
- iTunes downloads. This is being looked at but I’m not sure what the security implications are.
Have we missed something simpler?
Edit: Just to clarify, a setup takes the form of a small file. It could be XML or JSON or even plain text: it just needs to encode about ten variable names and their values.
It’s not clear what you mean by “iTunes downloads”. If this isn’t referring to iTunes File Sharing, then you should look into that. The user can add files onto the device for particular apps through iTunes.
It’s also not clear what you mean by “secure” – this has very different meanings to different people. Sticking an SSL cert onto a server and providing HTTP auth is simple enough. What kind of security beyond that are you looking for?