|VMP Security and Encryption Structure / iOS and Android Security|
The VMP Server needs to authenticate itself with the GCM. This is done via an authentication token that is determined with an HTTP POST request to the GCM servers.
The token is stored on the VMP Server and is used to authenticate the application server with the GCM servers once it sends out data. In a GCM, you have three involved parties: the VMP Server that wants to push messages to the Android device, the Google GCM servers, and the Vocera Collaboration Suite client application.
For the server to send a message, the application must have a registration ID that allows it to receive messages for a particular device. The registration keys are securely stored within the SQL database.
The ClientLogin token authorizes the server to send encrypted data to the client application on the Android device. The server has one ClientLogin token and multiple registration IDs. Each registration ID represents a particular device that has registered to use the messaging service for Vocera Collaboration Suite.
When the VMP Server sends data, the following occurs:
This is the sequence of events that occurs when an Android application running on a mobile device receives a message: