Encrypting Certain Properties of an Object

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Softwaremaker (msdn_at_removethis.softwaremaker.net)
Date: 06/04/04

• Next message: Softwaremaker: "What is in the CipherData in the Entropy Element"
• Previous message: Lucien: "Re: modifying verifyTrust setting at runtime?"
• Next in thread: Softwaremaker: "Re: Encrypting Certain Properties of an Object"
• Reply: Softwaremaker: "Re: Encrypting Certain Properties of an Object"
• Messages sorted by: [ date ] [ thread ]

---

Date: Sat, 5 Jun 2004 05:30:08 +0800

Hiya Fellows,

I am sending an object A to Service B through a method C

A is exposed via B's proxy stub.

So I will send in a request using something like Console.WriteLine (S.C(A))

If I need to encrypt only certain fields of A to reduce the whole payload,
what is the best way to do it (add the ID Attributes) through the
XMLSerializer ?

I know I can specify specific objects in my service to require encryption by
specifying the ID XMLAttributes on the Class. From there, I can require
clients to pass in secured and unsecured parameters in the <WebMethod>

BUT how can I set the Service Object to contain certain encrypted elements
so that the client will just only need to set the ID on a property of an
Object B that needs encryption and pass in that Object B into the parameter
of the <WebMothod> ?

In this case, I spare the client from doing any form of manual
XMLSerialization and they will just have to set the ID on the property of
the Object, reference it in the EncryptedData and send it to WSE.

However, that didnt work because once I added the wsu:Id Attribute and
deserialized it back into the object, the wsu:Id is gone.

Shouldnt we be setting the wsu:Id on the serivce-side object instead instead
of serializing at the client ?

Any tips, advice is greatly appreciated.

Thank you.

---

• Next message: Softwaremaker: "What is in the CipherData in the Entropy Element"
• Previous message: Lucien: "Re: modifying verifyTrust setting at runtime?"
• Next in thread: Softwaremaker: "Re: Encrypting Certain Properties of an Object"
• Reply: Softwaremaker: "Re: Encrypting Certain Properties of an Object"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages RE: Cannot decrypt files encrypted using Crypto API on a different ... previous message which uses the recipien't public key.) ... KEK (key encryption key) to protect the session key. ... embedded into your client app and server code). ... but what is the point to encrypt the data if ANYBODY can decrypt it (since ... (microsoft.public.platformsdk.security) Re: username and Password sent as clear text strings ... encryption of the traffic. ... SSL is used. ... client, it would seem like too much hassle for a low possibility hack. ... This is how all web applications on the planet work today by design. ... (Pen-Test) Re: username and Password sent as clear text strings ... encryption of the traffic. ... SSL is used. ... client, it would seem like too much hassle for a low possibility hack. ... This is how all web applications on the planet work today by design. ... (Pen-Test) Re: Can extra processing threads help in this case? ... A Webserver rented to the client at the client's site. ... there is NO way to protect the contents of the ... challenge-response encryption systems, are actually ... Explain how encrypted data transfer ... (microsoft.public.vc.mfc) Re: XP wireless questions ...setting encryption ... I never use the Linksys software for drivers. ... 802.1x authentication is only used with WPA encryption. ... wireless network. ... The manufacturers client program ... (alt.internet.wireless)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > DotNet  > microsoft.public.dotnet.framework.webservices.enhancements  > 2004-06