All - I have an app that saves data to a xml file via a dataset. Our company stores some data in various xml files that is now considered a risk under its security policy. What's the best way to encrypt and decrypt the data in the file.
I use a dataset to load data to my forms and commit changes to the dataset and then write it to the xml file.
Thanks,
Brian
9  1850 
"Brian P. Hammer" <bhammer@le "DASH" aviation.com> wrote in message news:%2******** *******@TK2MSFT NGP09.phx.gbl.. .
All - I have an app that saves data to a xml file via a dataset. Our company stores some data in various xml files that is now considered a risk under its security policy. What's the best way to encrypt and decrypt the data in the file.
I use a dataset to load data to my forms and commit changes to the dataset and then write it to the xml file.
Thanks,
Brian
That depends on how you use these files. You can encrypt the entire file or individual elements. I need to know more to give a descent advice.
/Fredrik
To control access to the files on disk, you could enable EFS on the file
system. That will keep prying eyes from being able to examine the files on
the drive.
To transmit the data using Web Services, look at WS_Security.
--
Chris Rolon
"Brian P. Hammer" <bhammer@le "DASH" aviation.com> wrote in message
news:#S******** *****@TK2MSFTNG P09.phx.gbl...
All - I have an app that saves data to a xml file via a dataset. Our
company stores some data in various xml files that is now considered a risk
under its security policy. What's the best way to encrypt and decrypt the
data in the file.
I use a dataset to load data to my forms and commit changes to the dataset
and then write it to the xml file.
Thanks,
Brian
We use the files to track market values of some aircraft. Each customer has a different file/xml data file. Internally, the files are stored on a secure file server with permissions. The real case is that sometimes, the files are emailed and found on client workstations. As you know, you can open the file with a text editor or browser.
The files can be saved from and opened with our application. It is not the element that is the problem, it's the data within the element. For example, some files contain how much they paid for the asset and which executives use it. This is the type of data I want to scramble so that it appears meaningless.
Thanks,
Brian
"Fredrik Wahlgren" <fr************ ****@mailbox.sw ipnet.se> wrote in message news:%2******** *******@tk2msft ngp13.phx.gbl.. .
"Brian P. Hammer" <bhammer@le "DASH" aviation.com> wrote in message news:%2******** *******@TK2MSFT NGP09.phx.gbl.. .
All - I have an app that saves data to a xml file via a dataset. Our company stores some data in various xml files that is now considered a risk under its security policy. What's the best way to encrypt and decrypt the data in the file.
I use a dataset to load data to my forms and commit changes to the dataset and then write it to the xml file.
Thanks,
Brian
That depends on how you use these files. You can encrypt the entire file or individual elements. I need to know more to give a descent advice.
/Fredrik
Sorry, this won't work as the files can be copied form the server and
emailed. Thanks....
"Chris Rolon" <ch*********@re movethis.neudes ic.com> wrote in message
news:ev******** ******@TK2MSFTN GP14.phx.gbl... To control access to the files on disk, you could enable EFS on the file
system. That will keep prying eyes from being able to examine the files on
the drive.
To transmit the data using Web Services, look at WS_Security.
--
Chris Rolon
"Brian P. Hammer" <bhammer@le "DASH" aviation.com> wrote in message
news:#S******** *****@TK2MSFTNG P09.phx.gbl...
All - I have an app that saves data to a xml file via a dataset. Our
company stores some data in various xml files that is now considered a
risk
under its security policy. What's the best way to encrypt and decrypt the
data in the file.
I use a dataset to load data to my forms and commit changes to the dataset
and then write it to the xml file.
Thanks,
Brian
Hi Brian,
you can encrypt the important information by using classes in
System.Security .Cryptography namespace. If there are large data, you
can use symmetric algorithms, for example Rijndael, with unique secret
key for encrypt/decrypt. Note that is most important to protect key,
more than the type of used algorithm. I suggest you the use of
asymmetric algorithm for to protect symmetric algorithm's secret key.
you can start here: http://msdn.microsoft.com/library/de...icServices.asp
HTH
Fabio - Thanks for the feedback. Looks like the msdn article will be
helpful.
Regards,
Brian
"Fabio Cozzolino [MCAD]" <co************ *@gmail.com> wrote in message
news:11******** **************@ g14g2000cwa.goo glegroups.com.. . Hi Brian,
you can encrypt the important information by using classes in
System.Security .Cryptography namespace. If there are large data, you
can use symmetric algorithms, for example Rijndael, with unique secret
key for encrypt/decrypt. Note that is most important to protect key,
more than the type of used algorithm. I suggest you the use of
asymmetric algorithm for to protect symmetric algorithm's secret key.
you can start here:
http://msdn.microsoft.com/library/de...icServices.asp
HTH
Fabio Cozzolino [MCAD] wrote: Note that is most important to protect key,
more than the type of used algorithm. I suggest you the use of
asymmetric algorithm for to protect symmetric algorithm's secret key.
Just a note..
When you use encryption (at most in this situation) you're basically
exchanging a big secret (the data you want to protect) with a little
secret (the key). Therefore you still have a secret to store..
Encrypting your symmetric key with a asymmetric key still requires you
to store a secret, and it's not always the best option.
A symmetric key can be just a hash (see HashAlgorithm-class) of a
pass-word/-phrase - and while it's properly possible to make this work
with a asymmetric key as well, it's more complicated.
But the asymmetric approach is often used (in NTFS's EFS among others)
when you have more users that require access to the same file: on NTFS
the file (the data) is encrypted by a symmetric key, which in turn is
encrypted with each users asymmetric key.
And a finally: you shouldn't encrypt non-random data with a asymmetric
cipher, because in some algorithms this weakens the key (RSA included).
HTH
Morten, can you expand on this comment, please. I have never heard this
before. I'm completelt satisfied with a URL. And a finally: you shouldn't encrypt non-random data with a asymmetric
cipher, because in some algorithms this weakens the key (RSA included).
/Fredrik
Morten - Guess I still need to do lots of reading.... The company said
"can't you just turn letters into number and numbers into letters?" This is
easy to do and easy to figure out. I have several websites marked for
reading. Homework for this evening.
Thanks,
Brian
"Morten Dahl" <da**@cs.aau.dk > wrote in message
news:42******** *************** @news.sunsite.d k... Fabio Cozzolino [MCAD] wrote: Note that is most important to protect key,
more than the type of used algorithm. I suggest you the use of
asymmetric algorithm for to protect symmetric algorithm's secret key.
Just a note..
When you use encryption (at most in this situation) you're basically
exchanging a big secret (the data you want to protect) with a little
secret (the key). Therefore you still have a secret to store..
Encrypting your symmetric key with a asymmetric key still requires you to
store a secret, and it's not always the best option.
A symmetric key can be just a hash (see HashAlgorithm-class) of a
pass-word/-phrase - and while it's properly possible to make this work
with a asymmetric key as well, it's more complicated.
But the asymmetric approach is often used (in NTFS's EFS among others)
when you have more users that require access to the same file: on NTFS the
file (the data) is encrypted by a symmetric key, which in turn is
encrypted with each users asymmetric key.
And a finally: you shouldn't encrypt non-random data with a asymmetric
cipher, because in some algorithms this weakens the key (RSA included).
HTH
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: steve |
last post by:
Hi,
I know there are a few free and paid php source code encryption
scripts around. Has anyone used one, and any feedback?
I am interested in encrypting source that is placed on a remote host.
--
Posted using the http://www.dbForumz.com/ interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.dbForumz.com/PHP-Obfuscating-Encrypting-ftopict187987.html
|
by: kimi |
last post by:
Hello,
I am running Microsoft SQL Server 2000 on a Windows 2000 Sever. I have
been working with SQL Server, Building ASp WebSites for many years now.
I am by no means an expert - nor have I had ANY formal training. So ebar
with me if my questions seem elementary...
I have some questions regarding sensitive data and encryption.
There is a project that is headed my way were the social security number
is being used as the unique...
|
by: everpro |
last post by:
Hello,
I am trying to determine how to figure out the following:
1) If our DB2 Connect Gateway is encrypting userids, passwords AND
data or not.
2) If not, how do I enable encryption. I've read about how to use
the Authentications value at the Catalog command to encrypt userids and
passwords, but I cannot find anything about DATA encryption.
|
by: jimfortune |
last post by:
This idea is still in the process of formulation. I'm considering the
idea of storing encrypted data in memo fields. Since the data is for
internal use only I don't think the legal limits on encryption apply.
So memo fields are required because I want to use a couple of 500 or so
digit safe primes for the encryption. Note that public key encryption
has been around for quite a while so some organizations may have a
pretty large prime...
|
by: Brian P. Hammer |
last post by:
All - I have an app that saves data to a xml file via a dataset. Our company stores some data in various xml files that is now considered a risk under its security policy. What's the best way to encrypt and decrypt the data in the file.
I use a dataset to load data to my forms and commit changes to the dataset and then write it to the xml file.
Thanks,
Brian
| | |
by: Richard L Rosenheim |
last post by:
Anyone care to express their two cents over pros and cons of encrypting the
data being transmitted (within the SOAP package) versus just utilizing a
HTTPS connection?
Richard Rosenheim
|
by: Parrot |
last post by:
I cannot get an answer as to why my session state no longer remains active
between webpages after working for 2 years. So I want to try to pass data
thru query strings in my url. I tried to use SecureString to encrypt the
sensitive data but cannot figure out how to encrpyt data using this method
from the documentation. Does anyone have an example of how to encrpyt data
when passing data with a url in a Redirect to another webpage using C#...
|
by: SeeSharp Bint |
last post by:
Visual Studio 2005, dotnet, c#. Microsoft SQL Server. Windows XP forms
application.
Temporarily, for my database application, I have been storing the various
elements of database connection items like datasource,password,userid as
plain strings in the registry.
I'd now like to make these secure against people reading them.
I thought of encrypting/decrypting each string when i write to the registry
but I wouldnt know where to find a...
|
by: Tery |
last post by:
I'm trying to implement the Handango.com HTTP POST registration method. The
instructions are here:
http://www.handango.com/marketing/developerTeam/HTTP_Post_Reg_Model_How2.doc
I'm stuck on how to encrypt a value using the public key in the Handango
certificate.
Does anyone have any suggestions or sample asp.net code on how to implement
this?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
