Re: Accessing a Shared Variable

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

But wouldn't the windows service also have to have the key compiled into it,
and it would just put this out in a variable?

At some point, somewhere, you are going to have the key compiled into
something? Or in some sort of file or registry setting? It's got to to be
somewhere!

Are you worried about someone gaining access to your web server, and
decompiling your DLL's to see the key?

"MickyM" <javamick@xxxxxxxxx> wrote in message
news:1124826270.550931.283830@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> The root of the problem is always more complicated. :) Here's the
> real reason I need this and I probably need to post this in a different
> group, but here goes:
>
> We have 4 web servers that connect to our database servers. User
> passwords and other data is stored encrypted in the database. In order
> to decrypt the data, an encryption object is currently on each of the
> web servers with the encryption key compiled into it. We were looking
> for a more secure way of storing the encryption key. To be honest, I
> think making the key available in a variable that is accessible is less
> secure than having it compiled in the code.
>
> Anyone have experience on this that can suggest how to keep the key
> private and secure while having to make it available to code that is
> run 24/7 without human intervention?
>
> Does this make sense?
>
> Thanks,
> Micky
>


.

Relevant Pages

  • Re: Accessing a Shared Variable
    ... We have 4 web servers that connect to our database servers. ... web servers with the encryption key compiled into it. ... for a more secure way of storing the encryption key. ...
    (microsoft.public.dotnet.languages.vb)
  • Encryption Key Storage
    ... I posted this in the Microsoft Crypto group, ... The web servers are in the DMZ. ... I know storing the encryption key on disk, in the registry, or in the ... Any ideas for making the key more secure in a situation where human ...
    (comp.security.misc)
  • Re: New toy
    ... But secure is secure, and a ... Security Cerrtificate. ... credentials, and thus its encryption key, are available). ... in order to set the "owner" to me. ...
    (misc.news.internet.discuss)
  • Re: Office 2004 for Mac Does Word support Secure Hyperlink creation?
    ... There is no such thing as a "secure" hyperlink. ... There are hyperlinks that point at "secure" web servers, ... (Hypertext Transport Protocol - Secure) ...
    (microsoft.public.mac.office.word)
  • Re: Public Web Server Domain Membership
    ... if you are looking for a secure anonymous web access, ... > We are planning to setup a web server in our company ... > the DMZ zone for security reasons. ... > if the web servers are part of the main domain. ...
    (microsoft.public.security)