Security Concern

From ETC Public Wiki
Jump to: navigation, search

Raise of security problem

There are a security issue in our game, raising from our developing tools and game genre.

Developing tools

We are using HTML/Javascript to develop this game, which can run on browser as a webpage. However, webpage is not safe in current game architecture. User can see Javascript files easily in modern browsers, like Google Chrome and Mozilla Firefox. This means player can set break point easily and see which function connects with server, and sending request to change server data.

Even we can hide some functions in PHP files, users still can see how we call this PHP files and do the same thing in browser console.

Game genre

Our game is a online game, which need to connect with server to require user data and change server data according to players' action. Nearly all online games have experience that attacked by illegal network connection, since there are always some bad players want to get profit from stealing virtual economics in game. The server has to take some strategies to protect its data.

How to protect server data

We discussed several times about security problem, and got some ideas about it. Cause none of our teammate have enough experience about this problem, probably they are not good solutions. We just write them down our idea here.

Hold data in server

If data is saved in client program, that's too easy to be changed by players. Server cannot know if the data are correct, if the user action are legal. This give hackers too much space to act.

In order to ensure user actions are legal, the server program has to have self-validation steps. Every time client program send a request, the server need to validate this action. If it is legal and make sense, then take the real action; otherwise the server need to think about if this is hacking behavior.

If server hold all data, it will be a big challenge to the network transmission and machine performance. Since our game is a real-time game, need to sync data every frame, this is a very rigorous requirement.

One solution for this sync problem is, run two games at the same time on both server and client sides. Client program send user input to server to take the same update. These two games will sync in a predefined time interval. If server find client game data are far different, it is probably changed by user.

Limit interfaces on client side

Since player can see all function invocations in Javascript, it's very hard to prevent them invoking server calls in the same way.

A better ways to protect server data, is limiting interface exposed to client program. We can simple send user input to server, and let server run all game logic and judge if we can kill enemies, add golds/crowns, use bombs, etc. Of course, this have to build based on server holding game data.