客户端数据加密/ SQL Server Express LocalDB
.NET中保护半敏感客户端数据的策略是什么(只有应用程序本身可以使用/看到它)?
What are the strategies in .NET to secure semi-sensitive client-side data (so that only the application itself can use/see it)?
信息包含在随附的mdf文件(由SQL LocalDB使用)中,并且仍然保持相同的安全级别?如果是这样,那么如何?
Could the information be contained in an accompanying mdf file (used by SQL LocalDB) and still maintain the same level of security? If so, how?
我明白,由于我们在谈论客户端应用程序,所以没有绝对的方式来保护数据。我大部分都在寻找方法,使其难以阻止人们尝试。理想情况下,解决方案对应用程序开发人员而言(主要)是透明的。
I understand that since we are talking about client-side application there is no absolute way to secure the data. I'm mostly looking at ways to make it difficult enough to discourage people attempting it. Ideally the solution would be (mostly) transparent to the application developers.
最好的方法是将代码放在加密的存储过程中,但是一旦将MDF文件提交给某人,就可以将其附加到具有管理权限的SQL Server(如其LocalDB实例)和他们平凡地解密。
Not really. Your best shot would be putting your code in encrypted stored procedures, but as soon as you hand the MDF file to someone, they can attach it to a SQL Server where they have total admin rights (like their LocalDB instance) and decrypt them trivially.