How To Secure File Transfer And Storage
Feb 21, 2011
I would like to be able to give my users the ability to securely upload and store files, sometimes upwards to about a gigabyte in size. I'm not quite sure what's the best way to go about doing this. I would like to have the connection between the client and the server secured, so I'm sure I will probably have to use SSL. Now, my major crux is secure storage. Being that the data is somewhat sensitive, I'm wondering if I should encrypt the file before it is stored. I guess my question is, should I open the file and encrypt each byte or encrypt the file as a whole. I'm assuming that the latter is the better option. I know that there are a number of examples of how to encrypt a file using a number of different methods (aes, des, md5 (hashing not really encrypting), etc). Currently, to encrypt text, I am using the Rijndael algorithm, sha1, 256 bit keys, a predefined passphrase, salt value, and IV.
View 2 Replies
Similar Messages:
Aug 5, 2010
I'm currently developing a web application whose primary user function is uploading and downloading of files. The files will be stored on the hard disk (no cloud storage yet).
Taking into consideration the possibilities of gigabytes of data and a large number of files, do I need to organize files into sub folders to account for the fetching of a file or is the file system's indexing already very efficient and I can ignore this potential bottle neck?
Update:
On a side note, I plan to store file names and any additional information in a SQL database and only query the disk when a user actually wants to download the file. This is how I plan on retrieving files:
FileStream stream = File.Open("C:file.txt");
byte[] fileContent = new byte[stream.Length];
stream.Read(fileContent, 0, fileContent.Length;
Any file information will be retrieved from the database. The hard disk will only be used for saving and fetching files.
Update 2:
Files will be saved as GUID + EXTENSION on the hard disk while the actual file name is stored in the database.
View 4 Replies
Jan 11, 2010
What is the best approach to storing images in a file system. Currently I am separating the images by day, month and then year. I am also hashing file name so that no two files will be stored with the same name. Lastly, how would I go about using the image file address in a forum?
View 3 Replies
Dec 27, 2010
I want to use XML file as a data source for my application.
View 2 Replies
Jan 19, 2011
I want to import csv file(already uploaded in blob storage) in Azure. For example I have uploded test.csv on blob storage, now i just want to import that test.csv file in .net(azure) and after importing i will insert that data into azure database. I am using C# .net.
Creating a cvs file with all rows. Upload it as blob. Parse it with a Worker role and insert it in the sql azure db.
View 1 Replies
Jul 8, 2010
I have a windows application that stores a file on the current user's isolated storage, lets call this user Adam. On the same machine I have a Web service (The Web Service's application pool is running with Adam's credentials) that uses the same dll to access the file on the isolated storage but it is trying to access a file on the Default User's profile instead of the real user's profile (in this case Adams Profile)
Why is it trying to look for the file on the Default User's profile Instead of Adam's Profile? How can i make it look for the file in the right profile?. I'm running it on Win 2003, C# and .Net framework 3.5
View 1 Replies
Jan 14, 2013
I have made an application where I am displaying the .pdf , .doc , .docx  files. These files are uploading from an Admin Panel.When user place a mouse pointer on download icon provided in front of every file, it shows the complete path where it’s get saved.I want to avoid this path visibility even when user place mouse on download icon and even if it Inspect an element (as most modern browser will have this functionality).
View 1 Replies
Jul 13, 2010
My web application will be launched through existing thick client applications. When launched, an HTTP POST request will be generated including information like the userID and additional context information (basically stuff like the target user's name, birthday, etc.).
My plan for authentication is for there to be a look-up table in the database. If the username is already there, automatically login the user, but if there is no entry in the database, redirect the user to an initial login page which will be used to create that database entry.
My question is how to secure this against MITM and other security holes. How can the request generated through the thick client be on an SSL connection? Doesn't an SSL connection have to be authenticated with the username (and password) first? And if so, will the additional context information be publicly exposed until the user is logged in?
View 1 Replies
Oct 25, 2010
I have a browser compatibilty problem with https? I have SSL installed and is in usage. Until today morning, my https part is working well. From then, Https is shown as https(with slashed in red color) saying the page has some insecure content. I have not changed any code and suddenly i see this problem in chrome. In IE 8, i see the same problem but on every page, it shows me a popup if i should allow to opne secure and non secure or just secure. Firefox has no issues . It shows correct https without any problem. I am fed up with it searching all over. Why is this happenening for me in Chrome and IE 8.
View 3 Replies
Feb 8, 2011
I have a class which implements IHttpHandler that is designed to handle image resize requests. It handles Urls like so [URL] Currently the handler looks for myimg.jpg on disk, cuts a 100x100 thumbnail (if it isn't already present) and redirects the client to the thumbnail like so Response.RedirectPermanent("/some/virtualPath/to/thumbnail.jpg");
This has been working great, but I would like to avoid forcing the client to issue a second HTTP request. Is it safe to do the following? Server.Transfer("/some/virtualPath/to/thumbnail.jpg") All the MSDN documentation talks about using Server.Transfer() to redirect to an aspx page, so I'm not sure if this is the right thing to do or not.
View 1 Replies
Jan 13, 2011
I'm creating a ASP.NET/SQL Server 2005 Express app which requires users to upload supporting attachment or documents in .docx and .pdf format. The web server is IIS 6/Win 2003. I'm trying to come up with a good way of securing these documents so anonynous users cannot see them and creating a separate Windows login for every user is not an option. SQL Server Express does not have blob data types. I'm storing each user's authentication information in the SQL database and not really using forms authentication.
View 1 Replies
Apr 6, 2010
We have a swf file that we want to secure and make available only to authorized users.
I embedded the file in an aspx page and that works fine, since ASP.NET handles the aspx page, I can use ASP.NET authorization features and in the web.config restrict the access to roles="AllowedUsers" for example.
However smart users could still get to the file by accessing directly for example www.mysite/flash.swf. We want to make that kind of access secure.
View 2 Replies
Oct 24, 2010
I have a custom mini login user control that I have embedded in the top of my website which shows on every page. These pages are non-secure HTTP://. I would like to avoid having to redirect the user to a HTTPS page to perform the login but I definitely don't want to send login credentials to the server in plain text.
I am trying find a method to send the user's login credentials encrypted via https from a non-secure (http) page.
I tried to set the postbackurl for the login button to itself but in https, but the user's input is not retained and the buttonLogin_click is not fired when I set the button postbackurl property. My ASP.net web application is VB.Net framework 4.0
I am assuming this can be done because I see lots of websites where login fields are on available on every page and they are running http and I can believe they are not encrypting the login credentials.
View 3 Replies
Jul 16, 2010
I have a web application in asp.net and C# that must access a remote server to copy some files. The web application basically deploys other web applications. Let us say that the web app runs on a "developement" server and needs to interact with a "production" server. From the user's point of view they are both remote machines. He accesses the application (running on the "developement" machine) on his browser and does not see the code and the access credentials to the "production" machine
View 1 Replies
Feb 8, 2010
I wrote a code to send file as below:
[Code]....
When I tried to send file to the URI stated above, the server throw the status 400 back to me when I tried to get the response from the server, and the https server doesn't receive any file. While I changed the URI to point to another server, which is a http server, the code works fine and able to send file to the server. I would like to know why the code above is not able to send the file to the https server?
PS:
[Code]....
View 7 Replies
Mar 23, 2010
how to transfer file via SFTP in .net? Does .net have library for this?
View 3 Replies
Nov 6, 2010
Currently, I am storing images and video clips in my database as a varbinary(max).
The problem is that when my front-end goes to retrieve and play the video, it takes an excessive amount of time to download.
For example, I have a video file: test.avi (5mb). If I attempt to read from database and play avi, it takes about 40 seconds. If I attempt to play this test.avi from the filesystem, it takes about 10 seconds to load.
I have investigated compression/decompression, but those seem to be as time-consuming as just loading up the raw data from the database.
Should I scrap storing video clips in the database, and go for a file system approach. I would really like to keep everything clean, secure, and organized. Which is why I am storing images, video clips, etc. in database.
View 4 Replies
Feb 8, 2010
I don't think the site has a web service available, so I need to pass the login credentials and read the xml file (e.g.https://www.somesite.com/needthisfile.xml). What do I use to do this?
View 1 Replies
Mar 9, 2011
I am currently writing a gridview to an excel file, but i cant make it password protected (or the password is too easy to break).
Is there another file type that i can write the gridview data to which can be securely password protected at the same time?
I am going to be emailing this file, and i want the end user to have to type in a password to open it.
my current code:
Response.Clear();
Response.AddHeader("content-disposition", "attachment;filename=FileName.xls");
Response.Charset = "";
Response.ContentType = "donedeals/vnd.xls";
System.IO.StringWriter stringWrite = new System.IO.StringWriter();
System.Web.UI.HtmlTextWriter htmlWrite = new HtmlTextWriter(stringWrite);
GridView1.RenderControl(htmlWrite);
Response.Write(stringWrite.ToString());
Response.End();
View 2 Replies
Feb 16, 2011
I´m making a gridview with a sql query where I also do an upload to an FTP address for each column. It works and several files are being send but after 2 minutes I got "the operation has timed out". I have tried setting this in the web.config but it does not solve it:
httpRuntime maxRequestLength="6024000"
What can I possible to? Is the page timing out due to the sql connection or just the webpage request?
View 8 Replies
Nov 26, 2010
I am trying to develop an application to do file transfer between 2 WIN Phone 7 through 3G.How can we accomplish this task?Is there any msdn articles available for this?
View 2 Replies
Jul 23, 2010
I want to transfer a file from client machine to Web server. I need to allow the users to select a file on their machine and allow them to transfer the file to the web server? Also How does a file control work.
<INPUT
id="File1"
type="file" runat="server">
How to allow the users to transfer files to web servers from their local machine?
View 6 Replies
Apr 30, 2010
I have a requirement to fill the pdf file.
We are using Sql server and i want to transfer data from SQL server to pdf file.
View 1 Replies
May 29, 2012
I need full code for client and server to transfer files. gone through net but didn't get through.
View 1 Replies
Aug 10, 2010
I have a GUI when i log in i create a cookie and it encrypt it. I am usin SSL.
I check in the Login.aspx page if the cookie is secure, which it is. but then before going to the default page it goes to the Global.ascx page.
Here in the Application_AuthenticateRequest it gets the cookie and decrypts it for the default page..
Now i know that it is getting the same cookie as all the other attributes match the one that was created in the Login.aspx page excet that the secure value is "False".
this is the case for all other pages after default. the value of the cookie.secure is false.
why is this happening as i want all the pages to be secure by SSL.
Also the pages are opening as https not http.
here is my web.config
[code]....
View 1 Replies
