Click here to Skip to main content
15,879,239 members
Search within:


Data communications - Winforms to database over the internet
Please Sign up or sign in to vote.
2.00/5 (1 vote)
Dear all,

I have puzzled myself over data communications from winforms to the SQL server database.

Here is the scenario:

I am developing a windows application which I will be publishing via ClickOnce technology.
Therefore, the client resides on user PC and the data will be communicated to a SQL server database on the internet somewhere.

I am concerned for the data security of the data transmitted from the user PC to the database.

Can anyone shed some light on how to secure the data.

FYI: I can implement a data layer which has the connection string to the SQL server. If required, I can also implement web services, etc etc.
I am open to all suggestions.

Thanks.

Regards,
Nayan
Posted
Add a Solution
Comments
Sergey Alexandrovich Kryukov 30-Apr-13 19:09pm    
Not clear what are you concerns. This is not even a question.
—SA
Nayan Ambaliya 30-Apr-13 19:21pm    
My question is:

How should I secure the data communication from the client to the database (sitting on the internet MS SQL Server)
Should it be normal connection string in a dll or should it be a web service with https etc etc.
I hope this makes you understand my question.

Regards,
Nayan
[no name] 30-Apr-13 21:34pm    
Well does not help me at all. What, exactly, is the concern? What is the specific problem that you are trying to solve? How do you think that a connection string in a DLL somehow secures your data? What benefit do you think a web service provides to you? What do you think is wrong with the SQL Server security?
Nayan Ambaliya 30-Apr-13 21:45pm    
Ok, I think I am confusing you... Let's see this another way:

Scenario:

The client application is on the user PC and the SQL server database sits on a server on the internet somewhere. The data is saved, updated and deleted from the client application to the SQL server database.

My concern:

Whenever the user either saves, updates or deletes the data, the data sent to the SQL server database will be in plain text format. I need to secure this data during transit.

Can anyone provide me with different options...

Thanks.

Regards,
Nayan

3 solutions

I suggest that you look into WCF and Web Services.
 
Share this answer
 
Posted
WCF might be a good option for you. You can take advantage of the attributes that WS-Security provides – it describes how to handle security issues within the SOAP messages. WS-Security assigns the signature and encryption information as well as the security tokens to the SOAP messages. Besides offering the traditional HTTP/HTTPS authentications, it also incorporates extra security features in the header of the SOAP message, working in the application layer.

For more information on WS-Security, you can visit this MSDN site: http://msdn.microsoft.com/en-us/library/ms977327.aspx

Good luck!
 
Share this answer
 
Posted
Thanks everyone for the solutions...
This has certainly opened up my direction..
Thanks again..

Cheers,
Nayan
 
Share this answer
 
Posted
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise
Privacy
Cookies
Terms of Use
Last Updated 30 Apr 2013
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web03 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900