None of the options mentioned is very secure because they don't use SSL connections. A secure connection would use HTTPS to connect to a web server and use something like oAuth2 to authenticate the request. The request from the Web Server to the database server would also be done using an SSL connection. All this done with proper certificate providers rather than self generated certificates.
keirS is correct. I was referring to a different aspect of security. Which is the ability of a hacker to modify your app and harm the database with a sort of SQL injection.