Community

Securing the .mmpk file on the device

2095
8
05-16-2019 01:30 AM
SandeepKuniel1
by
New Contributor III
‎05-16-2019 01:30 AM

We are in the process of creating an offline application(for android, uwp & ios) using Xamarin Forms with editing capabilities for the field worker.

The workflow is to download the offline map package (.mmpk file), record/edit records in the field and post it whenever network is restored.

One of the concerns we have is the security of the map package, the data is sensitive and the customer would not like it to be tampered, except by the concerned application.

Is there any workflow to secure this map package? 

0 Kudos
8 Replies
MichaelBranscomb
by Esri Frequent Contributor
Esri Frequent Contributor
‎05-21-2019 08:03 AM

Hi,

We're investigating workflows for ArcGIS Pro and ArcGIS Runtime to support aspects such as encryption, password protection, and expiration of mobile map packages. At this time all I can say is these features are on the roadmap.

Cheers

Mike

SandeepKuniel1
by
New Contributor III
‎05-22-2019 03:34 AM

Nice Michael,

Any detail on which Arcgis version is going to carry this functionality?

As of now, we are securing the files inside a local password protected DB.Which is extracted on the fly by the application and destroyed upon usage.

It would be nice to hear more about the approach you intend to take, in order to resolve the issue.

0 Kudos
MichaelBranscomb
by Esri Frequent Contributor
Esri Frequent Contributor
‎05-22-2019 09:27 AM

Hi,

I can't share any information yet on password protection / encryption but support for expiration of mmpk files is on the short term roadmap for an upcoming release of ArcGIS Pro (it was included in the ArcGIS Runtime v100.5 API in readiness).

Cheers

Mike

0 Kudos
SandeepKuniel1
by
New Contributor III
‎05-22-2019 11:37 PM

Thank you for the info Michael.

0 Kudos
KatieHansen_NIFCAdmin
by
New Contributor III
‎11-25-2020 08:57 AM

Hello Michael,

Are there any updates on encryption of mmpk files? 

Thank you

AlbertoMillán-Meléndez
by
New Contributor
‎02-04-2021 01:02 PM

this will be helpful

0 Kudos
dotMorten_esri
by Esri Notable Contributor
Esri Notable Contributor
‎05-24-2019 04:56 PM

Generally on iOS and Android, if you store data within the application's own storage area, there's no way for any other app to get at it (unless you explicitly enable that). For Android you should ensure your doesn't allow to be installed on an SD Card (albeit I believe it's still encrypting that area).

I'd suggest you should read up on how Android and iOS stores data securely. They can lock it down much better at the hardware level, than an SDK would ever be able to do, so using the built-in features of the OS is always more secure.


WRT UWP, data is stored in a folder that does require some admin access to get to, but that's about as secure as that gets - once you're elevated to administrator you can do pretty much anything. However you should consider using Bitlocker on the device to encrypt the harddrive and reduce admin access to a select few. Especially with a TPM chip on device, that gets pretty tricky to hack into.

SandeepKuniel1
by
New Contributor III
‎05-27-2019 12:39 AM

Thank you for your time Morten,

For android and ios secure storage helps but the UWP has been a concern, shall look into your suggestions.

0 Kudos