Login | Register   
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

Implementing Encrypted SQL Server Database Columns with .NET : Page 4

Many government agencies needing HIPAA compliance, such as HUD, require encryption of certain database columns. For systems tracking victims of domestic abuse, it's critical to encrypt personally identifiable data. Fortunately, implementing encrypted database columns is simple using .NET and SQL Sever 2000.


advertisement
Encrypting and Storing a Record
To store the data in the database, you first generate the private IV for the record. This will be a unique IV for that record and will keep the encrypted values in the table unique. Then you will store the IV, the columns uniquely encrypted with that IV and the LastName using the shared IV for searching.

Author's Note: The data access code used in this article uses the Microsoft Data Access Application Block. If you're not familiar with it, I strongly recommend going to http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/daab-rm.asp and downloading it. It comes complete with source code and provides a simpler and cleaner API for most data access tasks you'll want to do with .NET.

Private void SaveButton_Click( object sender, System.EventArgs e) { object clientID = System.DBNull.Value; if(this.ClientIDField.Text!="") { clientID=Convert.ToInt32( this.ClientIDField.Text); } byte[] PrivateVector = SimpleAES.GenerateEncryptionVector(); SimpleAES privateAES = new SimpleAES(this.Key, PrivateVector); SqlHelper.ExecuteNonQuery( DatabaseConnectionString, "SetClient", new SqlParameter("@ClientID", clientID), new SqlParameter( "@FirstNameCrypted", privateAES.Encrypt( this.FirstNameField.Text)), new SqlParameter("@LastNameCrypted", privateAES.Encrypt( this.LastNameField.Text)), new SqlParameter("@LastNameShared", lib.Encrypt( this.LastNameField.Text)), new SqlParameter("@Vector", PrivateVector), new SqlParameter("@ShelterName", privateAES.Encrypt( this.ShelterNameField.Text))); }



Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap