加密SQL Server连接字符串
[英]Encrypt SQL Server connection string
问题描述
If one has a connectionstring in one's application, is there a way to encrypt the information it contains? 
如果一个人的应用程序中有一个连接字符串,是否可以对其中包含的信息进行加密?
The connection string is created using the SqlConnectionStringBuilder object. 使用SqlConnectionStringBuilder对象创建连接字符串。
Or is it 'acceptable' that sensitive information is sent in plaintext to the server? 还是敏感信息以明文形式发送到服务器是“可以接受的”?
2 个解决方案
解决方案1
2 已采纳 2009-12-26 23:35:07
well you can use AES for example, to encrypt the data, send the encrypted connection string to the database computer. 很好,例如,您可以使用AES来加密数据,将加密的连接字符串发送到数据库计算机。 on that computer you need to build a listener that is getting the encrypted connection string and then decrypt it and connect to server. 在那台计算机上,您需要构建一个侦听器,该侦听器将获取加密的连接字符串,然后将其解密并连接到服务器。 you need to build a softwere between the database computer and the user computer if you want to encrypt\\decrypt all the data, but for the ConnectionString that the way...(encrypt -> send it to the server to a listener -> decrypt) 如果要加密/解密所有数据,则需要在数据库计算机和用户计算机之间建立一个softwere,但是对于ConnectionString来说...(加密->将其发送到服务器的侦听器->解密) )
Hope it helps. 希望能帮助到你。 Amit. 艾米特。
解决方案2
1 2009-12-26 10:42:14
Is it 'acceptable' that sensitive information is sent in plaintext to the server?
It depends on how much level of security you want for you application, as security critical apps might need encryption of the connection string. 这取决于您希望应用程序达到多少安全级别,因为安全关键型应用程序可能需要对连接字符串进行加密。
Use encryption sparingly and judiciously though - there is a performance hit . 谨慎而谨慎地使用加密- 会降低性能 。
Edit: Changed the link, Linked to MSDN (more info) 编辑:更改链接,链接到MSDN(更多信息)
Thanks 谢谢
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.