Solved

Is this a safe way of storing and encrypting files?

Posted on 2012-04-04
3
265 Views
Last Modified: 2012-04-04
I have a requirement to upload medical files and encrypt them

I'm already encrypting some other columns and they're varbinary. So, I know varbinary can be encrypted.

Should I use this method :  (filestream)
http://weblogs.asp.net/aghausman/archive/2009/03/16/saving-and-retrieving-file-using-filestream-sql-server-2008.aspx

OR should I encrypt the file in the code, like this:
http://support.microsoft.com/kb/307010
0
Comment
Question by:Camillia
3 Comments
 
LVL 15

Accepted Solution

by:
Deepak Chauhan earned 500 total points
ID: 37808338
Application level encryption is much safer than file stream like

http://support.microsoft.com/kb/307010
0
 
LVL 23

Expert Comment

by:wdosanjos
ID: 37808373
You should consider using SQL Server encryption features.  I find it more flexible to maintain encrypted data that way.

How to: Encrypt a Column of Data
http://msdn.microsoft.com/en-us/library/ms179331%28v=sql.100%29.aspx

SQL Server Encryption
http://msdn.microsoft.com/en-us/library/bb510663%28v=sql.100%29.aspx

I hope this helps.
0
 
LVL 7

Author Comment

by:Camillia
ID: 37808472
>> Application level encryption is much safer than file stream like
why?
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi all, It is important and often overlooked to understand “Database properties”. Often we see questions about "log files" or "where is the database" and one of the easiest ways to get general information about your database is to use “Database p…
Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question