Friday, August 26, 2011 8:22 AM
I have an erp application use sql azure as the database solution or Sql Server 2008 R2 for onprimise installation.The application in Azure use schema feature with user seperation.Its Login have one or more users with rights only to the schema the application use to store the data.
This work and work correctly.
The application is Win 32 application.
Recently with Sync Framework I create a .net application who Sync the schema with on premise database.
Work ok but the problem is the in order to provision sql azure i need to use the admin server user (user with rights to control all schema in the database).
My question is how can be sure, if i provide an array of the admin users available for my sql azure servers in a const value in the .net application that this information will be secure.In 2003 when faramework 1.1 lanched i show how easilly you can get any info from a .net assemply and that was the main issue i do not use it that time.
I know about few utillities that secure .net code with encrypted ,but i need your opinion and sugestions about that issue in order to lanch my sync application to my customers.
The .net Sync Application is a Windows Form VB.net application with Visual Studio 2010.
- Moved by Jesse JiangMicrosoft Contingent Staff Monday, August 29, 2011 10:42 AM (From:.NET Compact Framework)
Monday, August 29, 2011 10:42 AM
I think your issue should be raised in the SyncFx - Microsoft Sync Framework Developer Discussions. I believe they will know more information of this issue than us, and I will move this one to that forum.
Thanks for your understanding,
Jesse Jiang [MSFT]
MSDN Community Support | Feedback to us
Get or Request Code Sample from Microsoft
Please remember to mark the replies as answers if they help and unmark them if they provide no help.
Tuesday, August 30, 2011 2:44 AMModerator
your question is not exactly specific to Sync Framework. whether you use sync framework or not, you need to secure the Azure credentials in your app regardless of whether its a low priviledged user or an admin user. I suggest you have a look at this: http://social.technet.microsoft.com/wiki/contents/articles/sql-azure-connection-security.aspx
Saturday, March 24, 2012 9:18 PM
Just an update , I was refering to secure .net assemply for reflection, protect not only the credentials , but the code.
In Win32 app , a Delphi exe ,you cannot reverse it (easilly, with just 3 clicks).
a link to that topic would be great.
Sunday, March 25, 2012 11:02 AMModeratoryou might want to post your question in the general .net forums. or search for code obfuscation. if am not mistaken, VS comes with Dotfuscator, you might want to do a search on that.
Saturday, May 12, 2012 12:06 PM
The Dotfuscator ships with VS has very limited protection.
I am referring to a 7 ways protection solution with a logical cost. The commercial edition of Dotfuscator is the best solution , but very expensive for my budjet.
Saturday, May 12, 2012 12:08 PMI do not know how to move this thread to .net forum, if anyone can do it , please ...