469,622 Members | 2,179 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,622 developers. It's quick & easy.

How to protect when going from Internet to intranet?

I have a web application developed in ASP.NET 2.0 with SQL Server 2005.
The application is on a hosted server accessible from Internet.

I have a potential customer who insists on having the application
hosted on their own web server and SQL Server and I'm very worried
about someone stealing the application or database. I'm not so worried
about their own people doing this, but I know that other
suppliers/consultants have access to the servers and I don't trust
them.

What kind of necessary security steps should I think of if an intranet
solution should be acceptable for me?

Regards,

S

Oct 27 '06 #1
1 1221
You first have to question whether turning down their request would be an
option, or if they are prepared to host it on a machine you are responsible
for and can access and manage remotely, removing any potential access from
competitors. What can you do via agreement that the app wont be accessible
to other consultants, and how would you/they enforoce that to assure you?

If you are up against a wall then you should probably start by looking at
how you compile your application into a single assembly, so even if it was
stolen there would be a fair bit of work to try and get access to any code.
West Wind have written a nippy little front end to the asp.net compiler to
make the job easier.
http://www.west-wind.com/tools/aspnetcompiler.asp. Also, consider
watermarking your code, so a hidden method can be called to show that its
your code if you think its been deployed elsewhere.

--
--
Regards

John Timney (MVP)
VISIT MY WEBSITE:
http://www.johntimney.com
http://www.johntimney.com/blog
<st****@gmail.comwrote in message
news:11**********************@h48g2000cwc.googlegr oups.com...
>I have a web application developed in ASP.NET 2.0 with SQL Server 2005.
The application is on a hosted server accessible from Internet.

I have a potential customer who insists on having the application
hosted on their own web server and SQL Server and I'm very worried
about someone stealing the application or database. I'm not so worried
about their own people doing this, but I know that other
suppliers/consultants have access to the servers and I don't trust
them.

What kind of necessary security steps should I think of if an intranet
solution should be acceptable for me?

Regards,

S

Oct 27 '06 #2

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

2 posts views Thread by Flier_75 | last post: by
1 post views Thread by McKirahan | last post: by
5 posts views Thread by asdf | last post: by
22 posts views Thread by teejayem | last post: by
2 posts views Thread by =?Utf-8?B?Sm9zZXBo?= | last post: by
8 posts views Thread by msnews.microsoft.com | last post: by
reply views Thread by devrayhaan | last post: by
reply views Thread by gheharukoh7 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.