通过代理从Web Service保护数据库访问安全?
[英]Securing Database Access from Web Service via proxy?
问题描述
We are departing from our typical native application development and are developing some new web-based application services. 
我们正在脱离典型的本机应用程序开发,正在开发一些新的基于Web的应用程序服务。 We are using .Net and WCF and most likely hosting on IIS. 我们正在使用.Net和WCF,并且很可能在IIS上托管。
Our services will need to use a database to persist data. 我们的服务将需要使用数据库来保留数据。 In all cases we intend to make the database server a different box than our host. 在所有情况下,我们都打算使数据库服务器不同于主机。 Most of the resources we find seem to indicate storing the database connection string in the web.config (or app.config file for self-hosting). 我们发现的大多数资源似乎都指示将数据库连接字符串存储在web.config(或用于自托管的app.config文件)中。 Our concern is that since the service is web-facing the box it is running on is a more likely to be hacked/compromised. 我们担心的是,由于该服务是面向Web的,因此运行它的盒子更可能被黑客入侵/破坏。 If that happens, the attacker now had the DB connection string and will have full access to all of the data. 如果发生这种情况,攻击者现在将拥有数据库连接字符串,并将拥有对所有数据的完全访问权限。
An initial thought was to make the WCF service simply proxy to a server application that lives on another machine that holds the connection information and does all the processing logic. 最初的想法是使WCF服务简单地代理到驻留在另一台计算机上的服务器应用程序,该计算机保留连接信息并执行所有处理逻辑。 That way, if the the web-host is compromised they would have to figure out how to communicate with our server application, or compromise that machine as well, to gain database access. 这样,如果Web主机受到攻击,则他们必须弄清楚如何与我们的服务器应用程序通信,或者也要损害该计算机,以获取数据库访问权限。 Though we do have concerns of the performance costs of proxying and possibly having a bottle-neck at the server application. 尽管我们确实担心代理的性能成本,并且可能会对服务器应用程序造成瓶颈。
The concern with that approach is that we are not finding much in the way of WCF/IIS literature that recommending on such an approach, but we might just not know what it is called in order to find such information. 该方法的问题在于,我们在WCF / IIS文献中找不到建议这种方法的方法,但是我们可能只是不知道为了找到此类信息而被称为什么。 The question: is proxying like that a good practice and why/(why not) (or where might I find more information on this topic), or is there a better practice? 问题:代理这样的好习惯吗?为什么/(为什么不这样做)(或者在哪里可以找到关于此主题的更多信息)?或者有更好的做法吗?
1 个解决方案
解决方案1
0 已采纳 2012-07-18 14:18:30
As with these things, it all depends on how secure you need things. 与这些事物一样,这完全取决于您需要事物的安全性。 You can encrypt your web.config: 您可以加密web.config:
http://msdn.microsoft.com/en-us/library/dtkwfdky.aspx http://msdn.microsoft.com/zh-CN/library/dtkwfdky.aspx
But you have to ask that if your attacker has the ability to compromise your web host machine, they will be able to find your other server, and may also then have the ability to compromise that - not 100% sure what the net gain here is (apart from making your life more difficult). 但是您必须问,如果您的攻击者能够破坏您的网络主机,他们将能够找到您的其他服务器,然后也有可能对其进行破坏-不能100%确定这里的净收益是多少(除了让您的生活更加困难之外)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.