ansaurus

Question

How to encrypt information in aspx page?

Answer 1

+1 A:

SSL Certificates

Verisign
Thawte
There are many others, some trusted and others not trusted - do your homework.

<Edit> Here is a very thorough step-by-step tutorial explaining how you would go about using an SSL Cert in IIS.</Edit>

Jaxidian 2010-03-23 02:45:13

Thanks, SSL is a solid answer for security problem.I will do some homework on how to implement it in future...

Jimmyc 2010-03-23 09:29:53

Answer 2

+1 A:

If your client is worried about data being stolen "over-the-wire", do what Jaxidian mentioned and using SSL.

If your client is worried about users stealing data from pages they view, then tell them there's nothing they can do in a web app to stop that. Users need to download a page to view on their computers so no matter what you do, HTML web pages can always have their content downloaded by a user, even if you add some hoops to make it more difficult.

The only way to stop a user from stealing data from pages they view is to not make your app web-based. You'll have to write a native app that gets installed on users' machines with strict DRM in order to stop them from copying content. And even then, DRM can be cracked. Just look at Sony.

If your client was referring to encrypting data within your database, then you should look into AES Encryption in .NET.

Dan Herbert 2010-03-23 02:52:13

@Dan: Even _that_ won't prevent a user with a pencil and paper from stealing what's on the screen!

John Saunders 2010-03-23 02:54:25

@John Exactly. There's no fool proof way to stop a user from stealing data as long as he/she is given the ability to look at it.

Dan Herbert 2010-03-23 02:55:31

Ha! That's why I have my users install Matrix style dataports in the backs of their heads.

kervin 2010-03-23 03:31:35

Thanks for the answer, true is we can't prevent user form taking information if we want it to be seen.I should spend more time on other topics rather than these stupid idea... like SSL or Matrix style dataports :)

Jimmyc 2010-03-23 09:38:02

Answer 3

A:

Hi All,

I come with some really silly answer for my client

I tried to encoding the information in aspx with Base64 like

string encoded = Convert.ToBase64String(Encoding.UTF8.GetBytes("Something"))

and decode the data with JQuery .Base 64 plugin ,

the aspx is like:

<span class="decoding"><%=encoded%></span>

with JQuery script to take all .decoding element to be decoded

$(function() {
        $.base64.is_unicode = true;
        $(".decoding").each(
            function() {
                $(this).html($.base64.decode($(this).html()));
            }
        );
 });

so the source data will look like some meaningless string , which is my client want. and with some evil JavaScript to prevent printing and cleaning user's clipboard.

I have completed a web-site with zero usability and still can't prevent anything! Well done :)

Jimmyc 2010-03-23 10:08:39

As you said, it doesn't prevent anything. Any programmer worth his/her salt would look at that text and know to base-64 decode it.

Dan Herbert 2010-03-23 13:14:43

ansaurus

tags:

views:

answers:

How to encrypt information in aspx page?

related questions