All - I have an app that saves data to a xml file via a dataset. Our company stores some data in various xml files that is now considered a risk under its security policy. What's the best way to encrypt and decrypt the data in the file.
I use a dataset to load data to my forms and commit changes to the dataset and then write it to the xml file.
Thanks,
Brian
9  1851 
"Brian P. Hammer" <bhammer@le "DASH" aviation.com> wrote in message news:%2******** *******@TK2MSFT NGP09.phx.gbl.. .
All - I have an app that saves data to a xml file via a dataset. Our company stores some data in various xml files that is now considered a risk under its security policy. What's the best way to encrypt and decrypt the data in the file.
I use a dataset to load data to my forms and commit changes to the dataset and then write it to the xml file.
Thanks,
Brian
That depends on how you use these files. You can encrypt the entire file or individual elements. I need to know more to give a descent advice.
/Fredrik
To control access to the files on disk, you could enable EFS on the file
system. That will keep prying eyes from being able to examine the files on
the drive.
To transmit the data using Web Services, look at WS_Security.
--
Chris Rolon
"Brian P. Hammer" <bhammer@le "DASH" aviation.com> wrote in message
news:#S******** *****@TK2MSFTNG P09.phx.gbl...
All - I have an app that saves data to a xml file via a dataset. Our
company stores some data in various xml files that is now considered a risk
under its security policy. What's the best way to encrypt and decrypt the
data in the file.
I use a dataset to load data to my forms and commit changes to the dataset
and then write it to the xml file.
Thanks,
Brian
We use the files to track market values of some aircraft. Each customer has a different file/xml data file. Internally, the files are stored on a secure file server with permissions. The real case is that sometimes, the files are emailed and found on client workstations. As you know, you can open the file with a text editor or browser.
The files can be saved from and opened with our application. It is not the element that is the problem, it's the data within the element. For example, some files contain how much they paid for the asset and which executives use it. This is the type of data I want to scramble so that it appears meaningless.
Thanks,
Brian
"Fredrik Wahlgren" <fr************ ****@mailbox.sw ipnet.se> wrote in message news:%2******** *******@tk2msft ngp13.phx.gbl.. .
"Brian P. Hammer" <bhammer@le "DASH" aviation.com> wrote in message news:%2******** *******@TK2MSFT NGP09.phx.gbl.. .
All - I have an app that saves data to a xml file via a dataset. Our company stores some data in various xml files that is now considered a risk under its security policy. What's the best way to encrypt and decrypt the data in the file.
I use a dataset to load data to my forms and commit changes to the dataset and then write it to the xml file.
Thanks,
Brian
That depends on how you use these files. You can encrypt the entire file or individual elements. I need to know more to give a descent advice.
/Fredrik
Sorry, this won't work as the files can be copied form the server and
emailed. Thanks....
"Chris Rolon" <ch*********@re movethis.neudes ic.com> wrote in message
news:ev******** ******@TK2MSFTN GP14.phx.gbl... To control access to the files on disk, you could enable EFS on the file
system. That will keep prying eyes from being able to examine the files on
the drive.
To transmit the data using Web Services, look at WS_Security.
--
Chris Rolon
"Brian P. Hammer" <bhammer@le "DASH" aviation.com> wrote in message
news:#S******** *****@TK2MSFTNG P09.phx.gbl...
All - I have an app that saves data to a xml file via a dataset. Our
company stores some data in various xml files that is now considered a
risk
under its security policy. What's the best way to encrypt and decrypt the
data in the file.
I use a dataset to load data to my forms and commit changes to the dataset
and then write it to the xml file.
Thanks,
Brian
Hi Brian,
you can encrypt the important information by using classes in
System.Security .Cryptography namespace. If there are large data, you
can use symmetric algorithms, for example Rijndael, with unique secret
key for encrypt/decrypt. Note that is most important to protect key,
more than the type of used algorithm. I suggest you the use of
asymmetric algorithm for to protect symmetric algorithm's secret key.
you can start here: http://msdn.microsoft.com/library/de...icServices.asp
HTH
Fabio - Thanks for the feedback. Looks like the msdn article will be
helpful.
Regards,
Brian
"Fabio Cozzolino [MCAD]" <co************ *@gmail.com> wrote in message
news:11******** **************@ g14g2000cwa.goo glegroups.com.. . Hi Brian,
you can encrypt the important information by using classes in
System.Security .Cryptography namespace. If there are large data, you
can use symmetric algorithms, for example Rijndael, with unique secret
key for encrypt/decrypt. Note that is most important to protect key,
more than the type of used algorithm. I suggest you the use of
asymmetric algorithm for to protect symmetric algorithm's secret key.
you can start here:
http://msdn.microsoft.com/library/de...icServices.asp
HTH
Fabio Cozzolino [MCAD] wrote: Note that is most important to protect key,
more than the type of used algorithm. I suggest you the use of
asymmetric algorithm for to protect symmetric algorithm's secret key.
Just a note..
When you use encryption (at most in this situation) you're basically
exchanging a big secret (the data you want to protect) with a little
secret (the key). Therefore you still have a secret to store..
Encrypting your symmetric key with a asymmetric key still requires you
to store a secret, and it's not always the best option.
A symmetric key can be just a hash (see HashAlgorithm-class) of a
pass-word/-phrase - and while it's properly possible to make this work
with a asymmetric key as well, it's more complicated.
But the asymmetric approach is often used (in NTFS's EFS among others)
when you have more users that require access to the same file: on NTFS
the file (the data) is encrypted by a symmetric key, which in turn is
encrypted with each users asymmetric key.
And a finally: you shouldn't encrypt non-random data with a asymmetric
cipher, because in some algorithms this weakens the key (RSA included).
HTH
Morten, can you expand on this comment, please. I have never heard this
before. I'm completelt satisfied with a URL. And a finally: you shouldn't encrypt non-random data with a asymmetric
cipher, because in some algorithms this weakens the key (RSA included).
/Fredrik
Morten - Guess I still need to do lots of reading.... The company said
"can't you just turn letters into number and numbers into letters?" This is
easy to do and easy to figure out. I have several websites marked for
reading. Homework for this evening.
Thanks,
Brian
"Morten Dahl" <da**@cs.aau.dk > wrote in message
news:42******** *************** @news.sunsite.d k... Fabio Cozzolino [MCAD] wrote: Note that is most important to protect key,
more than the type of used algorithm. I suggest you the use of
asymmetric algorithm for to protect symmetric algorithm's secret key.
Just a note..
When you use encryption (at most in this situation) you're basically
exchanging a big secret (the data you want to protect) with a little
secret (the key). Therefore you still have a secret to store..
Encrypting your symmetric key with a asymmetric key still requires you to
store a secret, and it's not always the best option.
A symmetric key can be just a hash (see HashAlgorithm-class) of a
pass-word/-phrase - and while it's properly possible to make this work
with a asymmetric key as well, it's more complicated.
But the asymmetric approach is often used (in NTFS's EFS among others)
when you have more users that require access to the same file: on NTFS the
file (the data) is encrypted by a symmetric key, which in turn is
encrypted with each users asymmetric key.
And a finally: you shouldn't encrypt non-random data with a asymmetric
cipher, because in some algorithms this weakens the key (RSA included).
HTH
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: steve |
last post by:
Hi,
I know there are a few free and paid php source code encryption
scripts around. Has anyone used one, and any feedback?
I am interested in encrypting source that is placed on a remote host.
--
Posted using the http://www.dbForumz.com/ interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.dbForumz.com/PHP-Obfuscating-Encrypting-ftopict187987.html
|
by: kimi |
last post by:
Hello,
I am running Microsoft SQL Server 2000 on a Windows 2000 Sever. I have
been working with SQL Server, Building ASp WebSites for many years now.
I am by no means an expert - nor have I had ANY formal training. So ebar
with me if my questions seem elementary...
I have some questions regarding sensitive data and encryption.
There is a project that is headed my way were the social security number
is being used as the unique...
|
by: everpro |
last post by:
Hello,
I am trying to determine how to figure out the following:
1) If our DB2 Connect Gateway is encrypting userids, passwords AND
data or not.
2) If not, how do I enable encryption. I've read about how to use
the Authentications value at the Catalog command to encrypt userids and
passwords, but I cannot find anything about DATA encryption.
|
by: jimfortune |
last post by:
This idea is still in the process of formulation. I'm considering the
idea of storing encrypted data in memo fields. Since the data is for
internal use only I don't think the legal limits on encryption apply.
So memo fields are required because I want to use a couple of 500 or so
digit safe primes for the encryption. Note that public key encryption
has been around for quite a while so some organizations may have a
pretty large prime...
|
by: Brian P. Hammer |
last post by:
All - I have an app that saves data to a xml file via a dataset. Our company stores some data in various xml files that is now considered a risk under its security policy. What's the best way to encrypt and decrypt the data in the file.
I use a dataset to load data to my forms and commit changes to the dataset and then write it to the xml file.
Thanks,
Brian
| | |
by: Richard L Rosenheim |
last post by:
Anyone care to express their two cents over pros and cons of encrypting the
data being transmitted (within the SOAP package) versus just utilizing a
HTTPS connection?
Richard Rosenheim
|
by: Parrot |
last post by:
I cannot get an answer as to why my session state no longer remains active
between webpages after working for 2 years. So I want to try to pass data
thru query strings in my url. I tried to use SecureString to encrypt the
sensitive data but cannot figure out how to encrpyt data using this method
from the documentation. Does anyone have an example of how to encrpyt data
when passing data with a url in a Redirect to another webpage using C#...
|
by: SeeSharp Bint |
last post by:
Visual Studio 2005, dotnet, c#. Microsoft SQL Server. Windows XP forms
application.
Temporarily, for my database application, I have been storing the various
elements of database connection items like datasource,password,userid as
plain strings in the registry.
I'd now like to make these secure against people reading them.
I thought of encrypting/decrypting each string when i write to the registry
but I wouldnt know where to find a...
|
by: Tery |
last post by:
I'm trying to implement the Handango.com HTTP POST registration method. The
instructions are here:
http://www.handango.com/marketing/developerTeam/HTTP_Post_Reg_Model_How2.doc
I'm stuck on how to encrypt a value using the public key in the Handango
certificate.
Does anyone have any suggestions or sample asp.net code on how to implement
this?
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| | |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
