Stored Procedures, client-server data transmission, security
From: Bill (email@example.com)
From: firstname.lastname@example.org (Bill)
Date: 10 Feb 2003 09:13:28 -0800
I have a VB.Net application that uses stored procedures to access
data. We create a connection object, execute the stored procedure, it
returns the data we want, usually in the form of a datatable, then we
close the connection.
This process has worked great for us, and we will stick with it. What
we are looking at now is security.
1. Where can I get information on securing the above process?
2. I have read ENCRYPTION ON for stored procedures, but that does not
mean that someone can't intercept the data
3. How can I make my system as secure as possible?
Any help would be appreciated.
- Thread Safe Access to a SQL Server Using Static and non-Static Connection and Command Objects
... the same database but both stored procedures access the same table. ... Connection object and two static Command objects, ... both thread safe while instance versions of either object are not ...
- Re: Thread Safe Access to a SQL Server Using Static and non-Static Connection and Command Objects
... > the same database but both stored procedures access the same table. ... > Connection object and two static Command objects, ... > both thread safe while instance versions of either object are not ...
- Re: Looking for help against Chinese Hacking Team
... What I wrote was "properly designed Parameterized Stored Procedures" not Stored Procedures or Parameterized Stored Procedures. ... If you do a really bad job then you might be open to serious SQL Injection. ... OWASP is the Open Web Application Security Project and it offers ...
- Re: Permission issue with LINQ ?
... asking for datareader and datawriter permissions, ... If the database supports a public facing web site and contains sensitive data, I would opt for exclusive access via stored procedures to mitigate security concerns. ...
- Extreme performance issues (SQL Server 2000/ADO.NET/C#)
... same exact stored procedures and views, run in the same exact order, through ... system that runs SQL Server (a 4-cpu Xeons system with 2gigs of physical ... When I execute these steps manually through query analyser,, ...