.NET中缓存数据的安全性 [英] Security of cached data in .NET
问题描述
我缓存了从SQL Server 2005中通过C#ASP .NET 4.0 Web App(大约50000行32列)获取的一个DataTable。
缓存缓存是在客户端。
我想知道DataTable是否安全,或者在缓存中不安全?
如果不安全
- 如何从缓存中直接获取该数据并被查看[不通过我的Web应用程序作为非开发人员]
- 如何保护数据。
数据与服务器和Web应用程序一样安全。 >
如果有人拥有物理访问权限(或通过RDP),它们总是可以导致内存转储,并直接从内存读取值。
根据它的写法,应用程序可能会暴露完整的缓存。
如果其中任何一个不是关心的话,您可以考虑将缓存安全。
更新:
谈论客户端 - 客户端的没有任何可以被认为是完全安全的。客户端可以对其机器进行物理访问,因此可以进行内存转储和任何其他技巧(包括直接内存检查)。
如果客户端不需要所有的数据,只分享最低要求。不要坚持下去。
I cached one DataTable fetched from SQL Server 2005 through C# ASP .NET 4.0 Web App [around 50000 row 32 columns]..
Cache by mean is on Client-Side.
I want to know whether the DataTable is secure Or Insecure in the Cache?
If insecure than
- how to get that Data directly from cache and be viewed [not by my Web App as a non developer]
- how to secure the Data.
The data is as secure as the server and the web application are.
If someone has physical access to the box (or through RDP), they can always cause a memory dump and read the values directly from memory.
Depending on how it was written, the application might expose the full Cache.
If either of these are not concerns, you can consider the Cache to be secure.
Update:
Seeing as you are talking about client side - nothing on the client side can be considered completely safe. The client has physical access to their machine and therefor can do a memory dump and any number of other tricks (including direct memory inspection).
If the client does not need all of the data, only share the minimum required. Do not persist it.
这篇关于.NET中缓存数据的安全性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
