@rtp, what you're looking to achieve is basically a RESTful web service to be consumed by different clients such as a mobile app, could be anything.
1. You need to familiarize yourself with the concept of
web services in general. There are difference web service design models such as SOAP, WSDL and REST. REST has become the most popular model and is the most useful for your case.
2. Learn about
REST in theory and then how you can implement a
REST web service in Php (The tutorial includes some example code for how you can call your web service from Java too).
Another useful tutorial.
Many well known Php frameworks can help you in implementing your web services such as:
- Symfony
- Zend
- CodeIgniter
- FulePhp
- Yii
Understanding fundamental theory about how web services and REST works is very important before starting the work.
3. Regarding security, HTTPS is not enough simply because HTTPS provides an encrypted connection between the server and the client only, so unless the server gives each user a
certificatethe server cant trust the client without another method of authentication. Here is an
interesting article about HTTPS you may find useful checking out too.
4. So this is why it would be very important to secure a REST web service with
oAuth
An open protocol to allow secure API authorization in a simple and standard method from desktop and web applications
5. If you dislike the complexity of oAuth you can try to implement some security on your own, you cah check out this
post for some inspiration.
Finally, here are 2 interesting books I came across a short time ago, considering to read one of them soon.
Restful Web Services and
REST in Practice: Hypermedia and Systems Architecture
Hope I didn't miss anything, good luck :)