|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Encrypting connection strings - Threat model - Best practicesI have read several articles about encrypting db connection strings and I do not really understand the fundamental reason behind this. Most articles advocate the use of DPAPI, which takes care of key management tasks. However, if the machine where the software runs is compromised, the attacker can decrypt the connection string and connect to the database, can't he ? I have also read that Windows authentication is preferred to conventional user/password authentication. What are the main reasons for this ? Finally, is encrypting connection strings only relevant in the web server context (most articles refer to the ASP.NET environment) or should it be generalized to any server or application accessing a database ? Thank you for your time and I 'd like to apologize if some readers find these questions somehow naive :) letibal re: con strings
The threat model is, that if you somehow can view the config file (via a directory traversal attack or simply a too loose ACL on the file) - you can only see the encrypted string. To decrypt it, you need to be able to execute code on that machine - which is most often more difficult. Encrypting con strings mostly makes sense in server scenarios - in client apps it is not really protecting anything because if the app (running in user context) can decrypt the data - the user can do it too. You mean Windows auth in general - or for database?? Well - i guess the main reasoning behind that is that you don't have to deal so much with passwords (e.g. do you own storage and you get rid of them in con strings) HTH dominick Show quoteHide quote > Hello, > > I have read several articles about encrypting db connection strings > and I do not really understand the fundamental reason behind this. > > Most articles advocate the use of DPAPI, which takes care of key > management tasks. However, if the machine where the software runs is > compromised, the attacker can decrypt the connection string and > connect to the database, can't he ? > > I have also read that Windows authentication is preferred to > conventional user/password authentication. What are the main reasons > for this ? > > Finally, is encrypting connection strings only relevant in the web > server context (most articles refer to the ASP.NET environment) or > should it be generalized to any server or application accessing a > database ? > > Thank you for your time and I 'd like to apologize if some readers > find these questions somehow naive :) > > letibal > 
Other interesting topics
interop & performance
Impersonation problem Problem using obfuscation Dotnet 2.0 PCKS CheckSignature Error What permission do I need to add a user to a group? (C#) Prevent others from using my class libraries What's wrong with my encryption function? Newbie Question - Thanks in Advance... Form authentication and files that shouldn'y be authenticated Keyed hash vs Digital signature ???? |
|||||||||||||||||||||||
