
Storing Sensitive Information Using ASP.NET

Often in an ASP.NET application you are required to make use of highly sensitive information. For example, you may need to use a user ID and password to connect to a database or you may be storing user IDs and passwords that customers use to access your application. While you can use secure sockets layer (SSL) to encrypt information as it is passed over the network, that information must also be protected when it is stored both on the server and on the client. This topic covers some general guidelines for storing sensitive information.

Note

For more information about storing sensitive information, see Improving Web Application Security: Threats and Countermeasures on the MSDN Web site.

The best way to avoid exposing sensitive information in an application is not to store it. Minimize the places where sensitive information is stored. Avoid storing sensitive information for your application in a cookie or a control that is persisted in the browser, which would expose the sensitive information to clients of your application. Avoid storing sensitive information in your application logic. Instead, retrieve the sensitive information from a secure configuration location or from the client.

When you do store sensitive information, avoid storing it in human-readable text or in an easily decoded format, such as Base64 encoding. Instead, encrypt the information so that, if it is exposed to an attacker somehow, the attacker cannot easily determine what the sensitive information contains.

If the sensitive information needs only to be verified, and never recovered in human-readable form, store a one-way hash of it rather than the value itself. Then, when validating a value received from a source, hash the received value and compare the two hashes. For example, if you are using ASP.NET Membership and Forms Authentication to provide user authentication for your application, set the password format to Hashed so that passwords are stored in the data source as one-way hashes and compared as hashes during validation.

When storing sensitive information such as connection strings, user credentials, or encryption keys in the Web.config file for an application, encrypt the sensitive sections of the Web.config file using a protected configuration provider. For more information about protected configuration, see Encrypting Configuration Information Using Protected Configuration.
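One way to apply protected configuration to the connectionStrings section, as an added example that is not part of the original article. It assumes an ASP.NET application whose root Web.config is writable by the account running the setup step (the application's own identity normally should not be), and uses the two built-in provider names; the class and method names are the example's own.

```csharp
// Added example (not from the original article): encrypting the
// <connectionStrings> section of Web.config with a protected configuration
// provider, and reading it back through the normal configuration API.
using System;
using System.Configuration;
using System.Web.Configuration;

public static class ConfigProtector
{
    // DPAPI-based provider: the key is bound to this machine (or user
    // account), which suits a single server. Use
    // "RsaProtectedConfigurationProvider" when the same encrypted Web.config
    // must be readable on several servers that share an exported RSA key.
    private const string Provider = "DataProtectionConfigurationProvider";

    // One-time setup step, e.g. run from a deployment task; appVirtualPath
    // is the application's virtual path such as "/MyApp" (assumed value).
    public static void ProtectConnectionStrings(string appVirtualPath)
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration(appVirtualPath);
        ConfigurationSection section = config.GetSection("connectionStrings");
        if (section == null || section.SectionInformation.IsProtected)
        {
            return; // section absent, or already encrypted
        }
        section.SectionInformation.ProtectSection(Provider);
        // Saving replaces the clear-text section with <EncryptedData>.
        config.Save(ConfigurationSaveMode.Modified);
    }

    // Application code keeps using the ordinary API; the runtime decrypts the
    // section transparently, so no call site needs to know it is encrypted.
    public static string GetConnectionString(string name)
    {
        ConnectionStringSettings settings = ConfigurationManager.ConnectionStrings[name];
        if (settings == null)
        {
            throw new InvalidOperationException("No connection string named " + name);
        }
        return settings.ConnectionString;
    }
}
```

The same result is available without code from the command line, using the tool that ships with the .NET Framework: aspnet_regiis -pe "connectionStrings" -app "/MyApp" encrypts the section for the application at that virtual path, and -pd reverses it. Either way, check that the account that must decrypt at run time (the application pool identity) has access to the key container the provider uses, or the application will fail to read its own configuration.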

For more information about using encryption to protect sensitive information, see .NET Framework Cryptography Model.

When storing sensitive information in files, databases, the registry, or other locations, use NTFS access control lists and database permissions to restrict access to the information to only the principals that require it, and only with the level of access they require. For more information, see the documentation for your database or ASP.NET Required Access Control Lists (ACLs).

© 2013 Microsoft. All rights reserved.