We would like to set a web app externally on DMZ. The database will be on the internal lan. We would like to secure our database transactions. It will be build in c# and the database is MS SQL 2008.
Which is the most secure and recommended way to talk to the database?