堆栈内存溢出
  简体   繁体   English

如何在单层Winforms应用程序中安全地连接到SQL Server数据库?

[英]How to securely connect to a SQL Server database in a single tier Winforms application?

 原文  2016-03-10 17:31:33       c#/ .net/ sql-server/ database/ winforms

问题描述

Background 背景

I'm building a single tier application Winforms application using C#. 我正在使用C#构建单层应用程序Winforms应用程序。 A SQL Server localdb database is attached to the application that runs when the application does. 将SQL Server localdb数据库附加到在应用程序运行时运行的应用程序。 The plan was to use Windows Authentication to verify that the user is part of the MyApplication role/group and can use the application. 该计划是使用Windows身份验证来验证用户是否属于MyApplication角色/组并可以使用该应用程序。 But, in order to prevent users from accessing the database via other means, I was thinking of using an Application Role so that only the one SQL application user can edit the db tables. 但是,为了防止用户通过其他方式访问数据库,我正在考虑使用“应用程序角色”,以便只有一个SQL应用程序用户可以编辑db表。

Question

My understanding is that in order to use an Application Role, you need to provide a username and password in the connection string. 我的理解是,为了使用应用程序角色,您需要在连接字符串中提供用户名和密码。 I can encrypt this information, but obviously it will need decoded before being sent to the database. 我可以加密此信息,但是很显然,在将其发送到数据库之前,需要对其进行解码。 Is this a concern in a single tier application? 这是单层应用程序中的问题吗? What are other alternatives? 还有什么其他选择?

2 个解决方案

解决方案1
 0  2016-03-10 18:14:57

To use an application Role, you'll use the sp_setapprole stored procedure where you will provide the name of the application role and the password, rather than sending it in the connection string. 若要使用应用程序角色,将使用sp_setapprole存储过程,在该过程中将提供应用程序角色的名称和密码,而不是在连接字符串中发送密码。 When you use application roles, you still connect using an ordinary login, but once you successfully sp_setapprole , your connection loses its user permissions and instead gains the permissions of the application role. 使用应用程序角色时,仍然可以使用普通登录名进行连接,但是一旦成功sp_setapprole ,您的连接就会失去其用户权限,而获得了应用程序角色的权限。 Having the decoded password in memory is a concern if you have reason to believe that users may decide to use a debugger to attach to your process to extract the password. 如果您有理由相信用户可能决定使用调试器来附加到您的进程中以提取密码,则将解码后的密码存储在内存中是一个问题。 Any administrator would also be able to decrypt the encrypted password on disk as well if you choose to use windows machine-level key containers. 如果您选择使用Windows计算机级别的密钥容器,则任何管理员还可以解密磁盘上的加密密码。 Using only a single tier for an application that uses a database is a security risk, and you have to decide based on the circumstances surrounding the application whether it is an acceptable risk to gain the reward of skipping a few weeks of design and development. 对于使用数据库的应用程序仅使用单个层是存在安全风险的,因此您必须根据应用程序周围的情况来决定是否要跳过几周的设计和开发,这是否是可以接受的风险。

Source: https://technet.microsoft.com/en-us/library/ms190998(v=sql.110).aspx 来源: https : //technet.microsoft.com/zh-cn/library/ms190998(v=sql.110).aspx

I highly recommend implementing a web api to manage your application's interactions with the database as well as security. 我强烈建议实现一个Web API,以管理您的应用程序与数据库的交互以及安全性。 This web api could use a windows "service" account to authenticate with the database, and users would authenticate with the api using their individual windows accounts. 该Web api可以使用Windows“服务”帐户向数据库进行身份验证,而用户将使用其各自的Windows帐户向api进行身份验证。 This has the added benefit of you never having to think about passwords. 这具有您无需考虑密码的额外好处。 As far as managing API permissions, that is an issue that is up to you to design and implement as you see fit. 就管理API权限而言,这是您自行设计和实施的问题。 The main issue you need to understand and deal with is uniquely identifying AD users. 您需要了解和处理的主要问题是唯一标识AD用户。 Take a look at this SO post for more info on that: What Active Directory field do I use to uniquely identify a user? 请查看此SO帖子以获取有关以下内容的更多信息: 我使用哪个Active Directory字段来唯一标识用户?

Your service account would have all necessary permissions on the database to do what the application needs to do, but not all api users would necessarily have permission to use all api functions. 您的服务帐户将对数据库具有所有必需的权限,以执行应用程序需要执行的操作,但并非所有api用户都必须具有使用所有api函数的权限。 You would manage a store of uniquely identified AD users that have permission to use the application and what permissions they have. 您将管理一个具有唯一标识的AD用户的存储,这些用户具有使用该应用程序的权限以及他们拥有哪些权限。 The rest is design and implementation details that are up to you. 剩下的就是您所需的设计和实施细节。

解决方案2
 0  2016-03-10 22:50:48

Define user with privilege only to execute stored procedures. 仅以执行存储过程的权限定义用户。 By this way if someone use SQL Management Studio, s/he cannot browse/edit tables and even cannot see the table names. 这样,如果有人使用SQL Management Studio,则他/她将无法浏览/编辑表,甚至无法看到表名称。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何发布带有数据库 (.mdf) 的 3 层 WinForms 应用程序? - How do I publish a 3-tier WinForms application with database (.mdf)? 通过Sql Server数据库更改通知winforms应用程序 - Notify winforms application by Sql Server database changes C# - 安全地连接到远程SQL Server? - C# - Connect to remote SQL Server securely? 在C#Winforms应用程序中键入时如何搜索SQL Server数据库? - How can i search SQL Server Database while typing in C# Winforms application? 作弊应用程序连接到不同的SQL Server数据库 - Cheat application to connect to different SQL Server database 我的C#应用​​程序应如何安全地连接到我的AWS EC2数据库? - How should my C# application securely connect to my AWS EC2 database? 如何使用WinForms和数据库SQL Server创建.EXE文件 - How to create an .EXE file with winForms and Database SQL server 如何通过Winforms C#备份SQL Server数据库 - How to back up SQL Server database via Winforms C# Winforms:如何使用C#将图片上传到SQL Server数据库 - Winforms: How to upload a picture into SQL Server database using C# 如何通过网络将单个SQL Server数据库连接到两个不同的C#WPF应用程序 - how to connect a single SQL server database to two different C# WPF applications over the network
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM