Secure database connection. DAL .net architecture best practice

Posted by Andrew Florko on Stack Overflow See other posts from Stack Overflow or by Andrew Florko
Published on 2010-05-22T03:00:37Z Indexed on 2010/05/22 3:10 UTC
Read the original article Hit count: 277

We have several applications that are installed in several departments that interact with database via Intranet. Users tend to use weak passwords or store login/password written on a shits of paper where everybody can see them. I'm worried about login/password leakage & want to minimize consequences. Minimizing database-server attack surface by hiding database-server from Intranet access would be a great idea also.

I'm thinking about intermediary data access service method-based security. It seems more flexible than table-based or connection-based database-server one. This approach also allows to hide database-server from public Intranet.

What kind of .net technologies and best practices would you suggest?

Thank in you in advance!

© Stack Overflow or respective owner

Related posts about security

Related posts about database