Re: MS SQL Server 2000
- From: Johan <pt00jgj@xxxxxxxxxxxxxx>
- Date: Wed, 27 Apr 2005 15:15:05 +0200
Thanx for the reply Steve,
I have figured out a sugestion for how I could implement the database access. Maybe you or someone else can give me feedback or any suggestions of improvment.
The client will be a Windows form application.
The access (record access in the database tables) will be checked manually in stored procedures.
> Depending on your requirements on security, you also have 2 addition > concerns: > 2) Encryption network transmissions. You're on a WAN, so I'm > asusming this is all internal. Do you need to encrypt the network > traffic internally?
I am planning to use .NET remoting via IIS (+binary formatter) and ssl over the WAN, is this a good idea?
I have read that it is faster than using Web services.
> 1) Encrypting the data - what if someone got the SA password, is the > data that sensitive?
The login to the database will be done via Windows authentication, and the user will not have administrator rights.
As I understand it, I can make this login on the same machine as the database is on, from my "remoting service", without using any login information, I just need to run the "remoting service" as the same user.
In the database I then have the application login data, to authenticate the real users. (This is stored as hashvalues)
I might also use EFS (encrypted file system) for the database, but I am not sure if it is needed.
Johan .
- Follow-Ups:
- Re: MS SQL Server 2000
- From: Steve Lutz
- Re: MS SQL Server 2000
- References:
- MS SQL Server 2000
- From: Johan
- Re: MS SQL Server 2000
- From: Steve Lutz
- MS SQL Server 2000
- Prev by Date: Re: Oracle ODP and Enterprise Library
- Next by Date: Architecture for distributed application
- Previous by thread: Re: MS SQL Server 2000
- Next by thread: Re: MS SQL Server 2000
- Index(es):
Relevant Pages
|
