Encription?

  • Thread starter Thread starter Charles A. Lackman
  • Start date Start date
C

Charles A. Lackman

Hello,

I just wrote a desktop application that sends and retrieves datasets to
a web service that is being run on my server (Windows Server 2003). Some of
the information contains personal information (Like SSN and Address). Is
there a way to protect this information from listeners? The application
requires a password to retrieve the information and the web service
Discovery Documentation is disabled. Does this need incription? Or is it
secure bacause it requires a dataset in a particular format before it
responds to the requrest. I suppose a port listener would be able to
retrieve information coming and going - but how would this be implimented
from the Destop App to the Service and VisaVersa? Any Information or
suggestions would be greatly appreciated.

Thanks
Chuck
 
If you are communicating to the server using Web Services, you can try
enforcing an HTTPS connection (instead of HTTP).
This uses secure sockets layer (SSL), so the data on the trip to and from
the server will be encrypted. You can also look into WSE (web services
extentions), which has security add-ons for web serivces.

You can also do manual encryption if you think it's necessary. This is easy
to do in .NET.
Check out the System.Security.Cryptography namespace. It contains many
encryption classes and utilities. By poking around Google, you can find many
samples.

-Rob Teixeira [MVP]
 
Back
Top