.net桌面应用程序中的连接字符串安全 [英] Connection string security in .net desktop application
问题描述
我正在开发一个.net winforms桌面应用程序,旨在作为备份应用程序在几个银行的分支机构上运行,只要主要(Web应用程序)由于与银行中心节点的连接问题而无法使用。除了SQL-Server数据库之外,分支机构本身并不涉及任何企业服务。因此,应用程序应该能够直接连接到SQL Server。当我必须向应用程序提供连接数据库的密码时,出现问题:
i'm developing a .net winforms desktop application intended to be run at several bank's branches as a backup application whenever the main one (a web application) is unavailable due to connection issues with the bank's central node. The branchs themselves don't count with any enterprise services besides a SQL-Server database. For that reason, the application should be able to connect directly to the SQL-Server. My problem arises when I have to provide the application with a password to connect to the database:
1)在app.config文件或类似文件中以明文形式存储密码不是一个选项(客户要求加密密码)
1) Storing the password in clear text in a app.config file or similar is not an option (the customer requires the password to be encrypted)
2)存储加密在配置文件中的密码导致需要在本地提供加密密钥。加密密钥可能只是在应用程序的代码中进行硬编码,但是使用.net反编译器或类似程序很容易读取。
2) Storing the password encrypted in a configuration file leads to the need of having an encryption key locally available. The encryption key could be just hardcoded in the application's code, but it would be easily readable by using a .net-decompiler or similar.
3)使用自定义算法由于与2)相同的原因,加密/解密不起作用。
3) Using a custom algorithm to encrypt/decrypt wouldn't work either due to the same reasons as 2).
4)银行不支持集成安全性
4) Integrated security is not supported by the bank
此外,客户要求他们能够在一个位置(分支中)更改密码,而无需从一台计算机更改另一个位置更新配置文件(排除使用可能性该机器的密钥在个人计算机的配置文件(如asp.net)中加密密码。)
Additionally, the customers requires that they should be able to change the password in one location (within a branch) without the need to go from one computer to another updating config files (that rules out the possibility of using the machine's key to encrypt the password in individual machine's config files like asp.net does)
您是否提供任何其他方法或建议来处理此问题?
我会感谢任何帮助。
提前感谢
Bernabé
Would you provide any other approach or suggestion to deal with this problem? I would appreciate any help. Thanks in advance, Bernabé
推荐答案
我不认为以任何方式掩盖密码将会解决你的问题。如果用户必须将密码发送到服务器,并且密码位于该框上,则根据定义,运行应用程序的用户必须具有对该密码的访问权限并能够对其进行解密。否则,您将无法对其进行身份验证。这意味着,无论您在何处存储,都将始终有一种方式让用户获取密码。
I don't think that encyrpting the password by any means is going to solve your problem. If the user has to send the password to server, and the password is located on the box, then by definition the user running the application must have access to the password and be able to decrypt it. Otherwise, you wouldn't be able to authenticate them. This means that there will always be a way for the user to get at the password, regardless of where you store it.
我可以想到可能有两种方式可以工作,但我恐怕他们不完全是你要找的。
I can think of 2 ways that could possibly work, but I'm afraid they're not exactly what you're looking for.
- 删除使
用户通过使用某种本地代理
向服务器
发送密码的要求(例如使用WCF Windows
服务)来获取您的winform
请求,然后将它们以
的形式发送给DB服务器。如果您使用
安装使用与用户帐户不同的帐户
的服务,则
那么您可以通过其他
答案中提到的任何方式来保护密码
。他们的关键在于使
确保应用程序用户不
可以访问
的资源,服务帐户需要解密
密码。 - 不要将密码存储在Web配置中。在数据库级别为每个用户分配不同的用户帐户和密码,并在登录时将它们键入。
这篇关于.net桌面应用程序中的连接字符串安全的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
