Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Where to store sensitive files
Message
From
21/06/2010 17:26:08
Mike Cole
Yellow Lab Technologies
Stanley, Iowa, United States
 
 
To
21/06/2010 16:59:26
Charles Hankey
Consultant
Cleveland, Ohio, United States
General information
Forum:
ASP.NET
Category:
Security
Title:
Re: Where to store sensitive files
Environment versions
Environment:
ASP.NET
Miscellaneous
Thread ID:
01469992
Message ID:
01470071
Views:
36
I've heard bad things about storing files in DBs. I am biased against it naturally. I've done some research and I think I might just store the file in an encrypted format, and unencrypt it if needed.

>SQL Server database? Just serialize them ( with encryption if you like ) and store as a bitstream in a varbinary(max) column
>
>
>>I have a large ASP.NET application running on Windows 2003 web server. Parts of the system serve up static files (pdfs, csv, excel, etc) that contain sensitive data. The files are created by certain processes in the system, are uploaded by users and administrators, and are obtained by some integrations with other systems.
>>
>>Where is the best (most secure, practical) place to store these file. I have been storing them outside of IIS and using .NET code to serve up the file when needed. This has been working fairly well but users have posed concerns about security of these sensitive files, since they are stored on a web server.
>>
>>It has been suggested to store them in the database, but I would rather not do that.
>>
>>Any ideas out there? Thanks!
Very fitting: http://xkcd.com/386/
Previous
Reply
Map
View

Click here to load this message in the networking platform