Client-side data encryption / SQL Server Express LocalDB

What are the strategies in .NET to secure semi-sensitive client-side data (so that only the application itself can use/see it)?

Could the information be contained in an accompanying mdf file (used by SQL LocalDB) and still maintain the same level of security? If so, how?

I understand that since we are talking about client-side application there is no absolute way to secure the data. I'm mostly looking at ways to make it difficult enough to discourage people attempting it. Ideally the solution would be (mostly) transparent to the application developers.

Answers


Not really. Your best shot would be putting your code in encrypted stored procedures, but as soon as you hand the MDF file to someone, they can attach it to a SQL Server where they have total admin rights (like their LocalDB instance) and decrypt them trivially.


Need Your Help

Button click in ASP.NET invoke Windows Form method C#

c# asp.net winforms web-services

I am working on finger and face identify machines which use zkemKeeper.dll class library. It only works on desktop application. I have synchronized faces between the devices on desktop. I need to i...