Reputation: 7318
How can I keep the information confidential?
I want to write a C# application, which need to connect to database and get some information back. I was thinking if I just the connection string in my C# application directly, then the user may be very easy to get the connection string and login to my sql server directly, once that happened they can select all the information they want !
So is there any good solution for this ?
Thanks in advance !
Upvotes: 2
Views: 315
Answers (3)
Reputation: 6452
I actually had a similar requirement. I addressed it by taking my connection string and encrypting it using the Rijndael encryption logic (check it out in System.Security.Cryptography). It's very easy to use. A friend of mine has been attempting to crack this for the past 19 months, using a series of Rainbow tables - yes, he has way too much time on his hands - and has told me that "our solar system will probably go dark before I can get in." I laughed. Way too much free time.
I simply took my connection string, which I do store in an XML file (so I can change it out if needed) and encrypted it. My app, as part of its initialization process, reads in this value - decrypts it - then, connects and opens the database.
Something like "I am a piece of data that is to be encrypted" ..... once encrypted ends up something like ..... "V27AsTNsJA+BEwoGR2PbiZum5puwiLbfMa41ens8r8sSiEnn6FiT+k8ImEft Qba8ziCpie94s3bEwcPekqRfhO1Noc8lVeERyezmtqN9/0ZgmzJbNbl/3emTLLfb0Qpj" .... which obviously isn't going to be very useful to someone trying to break in.
It's worth pointing out that even with a lowly 128-bit encryption (this supports 256-bit also) remember that there are 2 raised to the power of 128 possible values, or 3.4 e+38. Think what a huge number that is:
340,000,000,000,000,000,000,000,000,000,000,000,000
If you attempt to crack this, for example, at the rate of 1 trillion attempts per second (1,000,000,000,000 / second) it could potentially take you 3 million million million years to get it. Of course, you might get it on the first guess .... probably not, though.
A 256-bit key is 1.15 e+77 and a 512-bit key is 1.34 e+154 possible values.
Upvotes: 1
Reputation: 1036
You need to encrypt connection string in web.config. Here goes it Encrypt. Also on top of this, use windows authentication (trusted connection=true). This makes sure that even if the user has the credential's, he still can't login without his ID being added to ActiveDirectory/Domain.
Upvotes: 1
Reputation: 262514
The only way around this is a three-tier architecture, where your client software does not directly connect to the database, but to an application server, which controls the database credentials and what SQL gets issued.
It may also be possible (unlikely) to restrict the permissions that the database user for the client software has to only be able to select the data that the client app really needs (and nothing else). With this approach you would be creating specific views and only granting select permissions on those. Stored procedures are another tool here. However, that likely cannot cover all cases, and is a bit dangerous in case you accidentally granted too much or a bug in the database allows privilege escalation.
But if security is a concern, I'd go three-tier.
Upvotes: 6
Related Questions
- C# ways to protect my database credentials
- C# protect database connection information
- How can one protect sensitive data in the code?
- Passing password through database how to make it secure
- How to store a password in a database for impersonation
- Encryption of SQL Login details
- How to Secure SQL in C# ASP.NET
- How to protect or hide backend data while using SQL server as Database?
- How would/do you secure your users details
- How do I securely hide database credential in C# application?