in MS Uncategorized

Securing Your Connection String in Windows Azure (#secure #sqlazure #connection)

Posted on by Stefano Mallè

Scoping the Scenario

Without any security measures your connection string appears in plain text, and includes your login and password to your production database. The goal is to allow the code running on Windows Azure be able to read your connection string, however the developers making the package for Windows Azure deployment should not be able to read it. In order to do that, Windows Azure needs know the “secret” to unlock the connection string; however the developers that are making the package should not. How is this accomplished when they have access to all the files in the package?

via blogs.msdn.com

From the SQL Azure Team Blog

My name is Stefano, I live in Switzerland, and I am a husband and a father.
I am passionate about technology and how it can change our lives (and businesses). I am fond of outdoor activities, I care about health and well-being, and I am a could-be-better hobby photographer who appreciates post-processing. While there are more interests in my life than these, let's start from here and find out where we will be ending.