问题描述

我正在开发一个 .net winforms 桌面应用程序，当主要应用程序(Web 应用程序)由于与银行中央节点的连接问题而无法使用时，该应用程序将在多个银行分行作为备用应用程序运行.除了 SQL-Server 数据库之外，这些分支本身不计入任何企业服务.因此，应用程序应该能够直接连接到 SQL-Server.当我必须为应用程序提供连接数据库的密码时，我的问题就出现了:

i'm developing a .net winforms desktop application intended to be run at several bank's branches as a backup application whenever the main one (a web application) is unavailable due to connection issues with the bank's central node. The branchs themselves don't count with any enterprise services besides a SQL-Server database. For that reason, the application should be able to connect directly to the SQL-Server. My problem arises when I have to provide the application with a password to connect to the database:

1) 不能将密码以明文形式存储在 app.config 文件或类似文件中(客户要求对密码进行加密)

1) Storing the password in clear text in a app.config file or similar is not an option (the customer requires the password to be encrypted)

2) 将加密的密码存储在配置文件中会导致需要在本地提供加密密钥.加密密钥可能只是硬编码在应用程序的代码中，但使用 .net-decompiler 或类似工具可以轻松读取.

2) Storing the password encrypted in a configuration file leads to the need of having an encryption key locally available. The encryption key could be just hardcoded in the application's code, but it would be easily readable by using a .net-decompiler or similar.

3) 由于与 2) 相同的原因，使用自定义算法加密/解密也不起作用.

3) Using a custom algorithm to encrypt/decrypt wouldn't work either due to the same reasons as 2).

4) 银行不支持综合安全性

4) Integrated security is not supported by the bank

此外，客户要求他们应该能够在一个位置(在一个分支内)更改密码，而无需从一台计算机转到另一台更新配置文件(这排除了使用计算机密钥来更改配置文件的可能性)像 asp.net 一样在单个机器的配置文件中加密密码)

Additionally, the customers requires that they should be able to change the password in one location (within a branch) without the need to go from one computer to another updating config files (that rules out the possibility of using the machine's key to encrypt the password in individual machine's config files like asp.net does)

您能否提供任何其他方法或建议来解决此问题?我将不胜感激任何帮助.提前致谢，伯纳贝

Would you provide any other approach or suggestion to deal with this problem?I would appreciate any help.Thanks in advance,Bernabé

推荐答案

我认为无论如何加密密码都不能解决你的问题.如果用户必须将密码发送到服务器，并且密码位于盒子上，那么根据定义，运行应用程序的用户必须有权访问密码并能够对其进行解密.否则，您将无法对它们进行身份验证.这意味着无论您将密码存储在何处，用户总有办法获取密码.

I don't think that encyrpting the password by any means is going to solve your problem. If the user has to send the password to server, and the password is located on the box, then by definition the user running the application must have access to the password and be able to decrypt it. Otherwise, you wouldn't be able to authenticate them. This means that there will always be a way for the user to get at the password, regardless of where you store it.

我可以想到 2 种可能可行的方法，但恐怕它们并不是您想要的.

I can think of 2 ways that could possibly work, but I'm afraid they're not exactly what you're looking for.

1. 删除拥有用户将密码发送到服务器通过使用某种本地代理(例如使用 WCF 窗口服务)获取您的winform请求，然后将它们发送到您的代表数据库服务器.如果你使用帐户安装服务不同于用户的账户，那么您可以通过以下方式保护密码其他中提到的任何手段答案.他们的关键是让确保应用程序用户不可以访问的资源服务帐号需要解密密码.
2. 不要将密码存储在网络配置中.在数据库级别为每个用户分配不同的用户帐户和密码，并让他们在登录时输入.

这篇关于.net 桌面应用程序中的连接字符串安全性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！