0

I work with C# WPF ClickOnce-Installer. My target is to hide the connection-strings from the user.

I found a possibility to encrypt the connection-strings in app.config while starting the application (ref). Problematically, it doesn't encrypt the connection-parameters at the installer-directory where the application gets updates from. This file is called appname.exe.config.deploy and contains the password in plaintext. So if the user knows where the updates come from, he can just read the connection-strings...

So my idea was just to use an obfuscation-method to obfuscate only the connection-strings before deployment. Are there any good methods for this, so the user can't easily refactor the connection-string?

  • For which database? If you use Windows Authentication with a database that supports it, there's no need to specify an account at all – Panagiotis Kanavos Nov 26 '18 at 10:47
  • 3
    In short, if it is on the user's machine, then the user has access to everything. There is absolutely no way to "hide" a connection string from the user. Instead, you need to provide access to the database on a per-user basis or make proper authentication on the server side. – Yeldar Kurmangaliyev Nov 26 '18 at 10:47
  • 2
    Possible duplicate of [.Net Encryption](https://stackoverflow.com/questions/895739/net-encryption) – Cee McSharpface Nov 26 '18 at 10:48
  • IMHO this is an XY problem, you should focus on a connection string without confidential data (AKA use Windows authentication) instead of encrypting the connection string (a skilled user with adequate access to the machine could decrypt it because the user needs to have access to the key/certificate used to encrypt it) – Cleptus Nov 26 '18 at 11:34
  • I don't want to let the user know what's the name of the database, because I don't want him to log on to our database and UPDATE or SELECT the various tables. He should not be able to see the data or manipulate it, so I thought the best way (after encrypting the conn-strings) is to obfuscate the connection-strings... Aren't there good methods for obfuscating the connection strings? I don't know what to do else! –  Nov 26 '18 at 13:09
  • Read the comments, you are trying to secure something you should not be securing. You should use connection string credentials that have access to only the data the user should have access to. Once you have done that, there is no point in encrypting the connection string. To limit the access the user has to the data you could use database roles, views, etc. [Have a look at SQL Server security scenarios](https://learn.microsoft.com/en-us/dotnet/framework/data/adonet/sql/application-security-scenarios-in-sql-server) – Cleptus Nov 26 '18 at 14:49
  • Ok THANK you, I think you are right! But I am still a bit worried... I want to share my application with more than a hundred users… The users shall do INSERT, UPDATE and SELECT statements (DELETE not right now)… So if anyone does bullshit with my database server, I don't know how to track it... Do you think triggers with a change-log is a good solution? Like OLD VALUE, NEW VALUE, USER, TIME? –  Nov 26 '18 at 19:12
  • @chchchchchchchch It sounds like you need to build a web API rather than having direct access to a database. This way you can restrict what users are able to do and have logging capabilities. – Dan Dec 12 '18 at 20:03

0 Answers
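
The approach the comments converge on (Windows Authentication, a least-privilege database role, and the change-log trigger the asker proposes), written out as an added example that is not part of the original thread. It assumes SQL Server; the table `dbo.Orders`, the role `app_user` and the Windows group `CONTOSO\AppUsers` are hypothetical names.

```sql
-- Added example. Assumptions: SQL Server, hypothetical names throughout.
-- Client connection string then carries no secret, e.g.:
--   Server=<server>;Database=<database>;Integrated Security=SSPI;
CREATE TABLE dbo.Orders (
    OrderId  INT IDENTITY PRIMARY KEY,
    Customer NVARCHAR(100) NOT NULL,
    Amount   DECIMAL(10,2) NOT NULL
);

-- Change log: old value, new value, user, time.
CREATE TABLE dbo.OrdersAudit (
    AuditId     BIGINT IDENTITY PRIMARY KEY,
    OrderId     INT           NOT NULL,
    Action      CHAR(1)       NOT NULL,   -- 'I' = insert, 'U' = update
    OldCustomer NVARCHAR(100) NULL,
    OldAmount   DECIMAL(10,2) NULL,
    NewCustomer NVARCHAR(100) NOT NULL,
    NewAmount   DECIMAL(10,2) NOT NULL,
    ChangedBy   NVARCHAR(128) NOT NULL DEFAULT SUSER_SNAME(),
    ChangedAt   DATETIME2     NOT NULL DEFAULT SYSUTCDATETIME()
);
GO

-- Set-based trigger: handles multi-row statements via inserted/deleted.
CREATE TRIGGER dbo.trg_Orders_Audit ON dbo.Orders
AFTER INSERT, UPDATE
AS
BEGIN
    SET NOCOUNT ON;
    INSERT INTO dbo.OrdersAudit
        (OrderId, Action, OldCustomer, OldAmount, NewCustomer, NewAmount)
    SELECT i.OrderId,
           CASE WHEN d.OrderId IS NULL THEN 'I' ELSE 'U' END,
           d.Customer, d.Amount, i.Customer, i.Amount
    FROM inserted AS i
    LEFT JOIN deleted AS d ON d.OrderId = i.OrderId;
END;
GO

-- Each user connects as their own Windows account via the group login,
-- so SUSER_SNAME() records the individual, not a shared application account.
CREATE LOGIN [CONTOSO\AppUsers] FROM WINDOWS;
CREATE USER  [CONTOSO\AppUsers] FOR LOGIN [CONTOSO\AppUsers];
CREATE ROLE app_user;
ALTER ROLE app_user ADD MEMBER [CONTOSO\AppUsers];

-- Only what the application needs; DELETE is explicitly denied.
GRANT SELECT, INSERT, UPDATE ON dbo.Orders TO app_user;
DENY  DELETE ON dbo.Orders TO app_user;
-- No grants on dbo.OrdersAudit: the trigger writes to it through ownership
-- chaining (same owner, dbo), so users cannot read or alter the log directly.
```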