What would be the best way to hide sensitive data from being exposed when using the Entity Framework? (for example, a table that contains a SSN column...etc)
+1
A:
Simply delete the columns from your data model.
As an alternative, don't even expose the columns in SQL; expose views that provide only the columns you are willing to expose.
kbrimington
2010-08-18 17:49:34
Thanks! That makes sense
gottalovedotnet
2010-08-18 17:55:25
+2
A:
That really depends on what you want to protect it from. Should your code be able to get at it? Then restrict access to that column to just the user which connects in your app.
If even your code shouldn't be able to get at it, e.g. it's only available via stored procedures with extra auditing, then restrict it even further. Basically you'll almost certainly want to do this at the database itself, I'd have thought. I don't think the fact that you're using EF makes very much difference, to be honest.
Jon Skeet
2010-08-18 17:49:45
I wholeheartedly agree that the security of this data must be established at the database level. Too often, I've seen code make assumptions that the application cannot be compromised, or assemblies cannot be reused in another application or... The possibilities for compromise are too many unless security is firmly established on the database tier.
kbrimington
2010-08-18 17:54:39