February 19, 2007 at 8:05 am
Hi. Lets say i have an asp.net site wtih forms authentication, where the username and password are checked against values stored in a table, all done via https so the password data cant fall into the wrong hands. once the user is authenticate this is my idea:
each user has a status, stored in the status column of the users table : Admin or RegularUser.
if the user status is an Admin, and clicks on something that returns encrypted data, a sproc checks the user has admin status and uses impersonation to impersonate a login that has control to use the encryption key that encrypted the data. so the data is returned unencrypted.
is this a valid way of using encryption via asp.net, or are their security issues?
February 20, 2007 at 3:40 am
type encryption into the search bar, there are many articles that will get you started.
February 20, 2007 at 4:54 am
i have done this ages ago,and this is what gave me my current knowledge of encryption. i can encrypt columns and set them to be viewable by only certain logins, however i cant bridge the gap between using this in sql server managment studio and in an asp.net web site.
Viewing 3 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy