Java Applet 可以添加哪些安全性?

发布于 2024-08-12 03:08:49 字数 151 浏览 6 评论 0原文

在构建 Java Applet 时,是否可以采取任何步骤来防止用户调用内部方法?

理论上,大多数对象都可以在客户端计算机上进行分析并调用方法。

除了混淆之外,还有其他步骤可以帮助防止这种情况吗?

我的情况是确保最高分直接从客户端发送的游戏。

When building a Java Applet are there any steps that can be made to prevent a user invoking internal methods?

Theoretically most objects can be analysed and methods can be invoked on a client machine.

In addition to obfuscation are there any other steps that can help prevent this?

My situation is to secure a game where the top score is sent direct from the client.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

眼睛会笑 2024-08-19 03:08:50

如果您的游戏太难自动化,并且无法由机器人以比任何人都可以做的更有成效的方式玩,那么以一定的随机间隔向服务器请求游戏状态将是一个好主意。您可以实现类似 CAPTCHA 的机制,该机制将融入游戏故事并带来挑战-响应身份验证到一个小型的图灵式测试,玩家必须时不时地通过解决特定的谜题来“证明”他是人类。一直以来,您都会验证分数的演变,并拒绝任何不符合预先计算的每级别或每单位时间最大分数公式(给定当前系统状态)的值。我不是安全专家,但我想这一切都会给潜在的攻击者带来相当大的困难。

If your game is too difficult to be automated and played by a bot in a much fruitful manner than any human could do, then it would be a good idea to request the game's state from the server at certain random intervals. You could implement a CAPTCHA-like mechanism that would blend into the game's story and bring the level of Challenge-Response authentication to a small Turing-like test, where the player would have to "prove" from time to time that he is human by solving a specific puzzle. All this time, you verify the evolution of the score, and reject any values that would not fit a precomputed formula of maximal score per level or per unit of time, given the current system's state. I am not a security expert, but I imagine that all this would give a potential attacker quite a hard time.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文