Windows Encrypted File System, ASP.NET and IIS

You can use the following API to encrypt with EFS:

[DllImport("advapi32.dll", EntryPoint="EncryptFile", CharSet=CharSet.Auto)]

private static extern int EncryptFile(string file);

Mariano
"Alan Samet" <al*******@gmail.com> wrote in message
news:11**********************@g44g2000cwa.googlegr oups.com...

Is there a way to easily and securely use the Windows Encrypted File
System (EFS) with IIS and ASP.NET? Alternatively, I would prefer to
find some sort of totally encrypted low-level device driver to
lock-down and encrypt a hard drive. I remember back in my high school
days experimenting with a low-level driver called KOH.COM that would
require a password upon startup to decrypt file system files. It would
be wonderful if a similar solution were available for NTFS.

-Alan

My issue isn't encrypting data with .net -- it's an issue of protecting
intellectual property on a laptop in the event that it's stolen. I
believe the encrypted file system can do the trick, except for the
security holes that I open up setting up certain services to run under
my user account.

I'd be willing to risk the security risks associated w/ the above if I
could get EFS to work on my asp.net source files without having to
hardcode my username and password in my machine.config file (which
would really totally defeat the purpose). I'm running XP Pro on my
laptop.

-Alan

One alternative that I'm considering is running Virtual PC w/ an
encrypted virtual hard drive file. I'm apprehensive about the
performance of this solution though.

It looks as if I'm going to go with a product by softwinter --
www.softwinter.com called Sentry 2020, or something similar. I'm
playing with it right now. The product allows you to create an
encrypted file that can be mounted and formatted as a hard drive if you
have the key file, and the password to the key file. This solves all of
my authentication issues with Windows EFS. I tested loading a SQL
Server database on the mounted drive. My data loading routing took
about about 5% longer to run (2:30 instead of 2:24). Performance seems
quite acceptable.

-Alan

Alan Samet wrote:

Is there a way to easily and securely use the Windows Encrypted File
System (EFS) with IIS and ASP.NET? Alternatively, I would prefer to
find some sort of totally encrypted low-level device driver to
lock-down and encrypt a hard drive. I remember back in my high school
days experimenting with a low-level driver called KOH.COM that would
require a password upon startup to decrypt file system files. It would
be wonderful if a similar solution were available for NTFS.

-Alan