Re: VB2005 - Secure Access to SQL Server through Application Only

Tech-Archive recommends: Speed Up your PC by fixing your registry

VJ,
Even if I am able to encrypt the password and user ID in the file on the client side, how would I tell the application to decrypt them each time it needed to access the database? Since it automatically tries to handle opening and closing connections based on the connection string, I would need some way to inject the UID/Pass into the string. Do you have any specific tutorials you could forward me to?

Many thanks,
Matt

Vijay wrote:
I would go with SQL Server authentication and try to store the ID/PWD encrypted on the client side within a XML, text file.. whatever maybe your choice or comfort.. There are several examples how to encrypt/decrypt strings with 2003/1.1 you can easily apply the same to 2005 ...Or might even be easier in 2005/.NET 2.0

VJ
.

Relevant Pages

  • Re: Can web site data be protected from access by the webmasters?
    ... > little about web site design or internet security. ... > Canceling a contract can be an expensive hassle. ... > The client contacted me after the fact of contract signing. ... SSL does nothing but encrypt the stream ...
    (microsoft.public.sqlserver.security)
  • In Search for the Proper Crypto System
    ... an asymetrical key cryptology. ... public/private key to encrypt only the symetric key used to encrypt the data ... the private key is eventually revealed. ... before A sends it to the first client, C1, and before any client sends it to ...
    (sci.crypt)
  • Re: Sniffing on WPA
    ... The point is, after you do ARP Cache Poisoning, what you get is *plain ... The AP just decrypt all the traffic from the *poisoned client* then ... encrypt the traffic within your own encrypted channel (I mean, ... evil guy WPA channel) with your own key so you can sniff it. ...
    (Pen-Test)
  • RE: Cannot decrypt files encrypted using Crypto API on a different
    ... but what is the point to encrypt the data if ANYBODY can decrypt it (since ... the server just sends something to somebody or first the client contacts the ... supposed to somehow encrypt the file and distribute it to the clients. ... the server generates session key, wraps it with the client's public key, ...
    (microsoft.public.platformsdk.security)
  • Re: RSA - Public vs. Private Keys
    ... This is a common pattern for license software ... your client will send a unique machine hash to the ... will let us decrypt with a Public Key (or simply not ... |> RSA is intended to encrypt messages with public keys only. ...
    (microsoft.public.dotnet.security)