Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation
 
PerlMonks  

Comment on

( #3333=superdoc: print w/ replies, xml ) Need Help??
Ok,I have to elaborate more :
You create a key container. There are machine-level and user-level containers
Specify a protected configuration provider (RsaProtectedConfigurationProvider or DataProtectionConfigurationProvider) which essentially is a class that you can use from your code.

Pass the provider your key container (in case of RSA,in case of DPAPI is simpler) and when saving the configuration file the <protectedData> sections will be encrypted.
The decryption key is not included in the configuaration file or the application.
e.g. in the case of DataProtectionConfigurationProvider the decryption key is auto-generated and saved in the Windows Local Security Authority.

When calling the application the .net framework will decrypt the connection string and makes it available to your application. You don't have to write any code to encrypt or decrypt.
Of cource if the memory of the application is compromised, the sensitive information might get compromised as well.

"How does it help to encrypt information in a config file that are afterwards transmitted in clear through the network, e.g. when connecting to a MySQL or FTP server?"
well the original question was "Where should I have configuration information in a file or database, on the basis of security and accessibility",
did not ask anything about securely transmitting the connection string, but in case you are curious you might want to look at Secure connection to SQL Server from Perl DBI

In reply to Re^3: Where should I have configuration information in a file or database by nikosv
in thread Where should I have configuration information in a file or database by vinoth.ree

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • Outside of code tags, you may need to use entities for some characters:
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.
  • Log In?
    Username:
    Password:

    What's my password?
    Create A New User
    Chatterbox?
    and the web crawler heard nothing...

    How do I use this? | Other CB clients
    Other Users?
    Others scrutinizing the Monastery: (12)
    As of 2014-07-30 18:48 GMT
    Sections?
    Information?
    Find Nodes?
    Leftovers?
      Voting Booth?

      My favorite superfluous repetitious redundant duplicative phrase is:









      Results (239 votes), past polls