What is Protected Configuration in asp.net?

Encrypting configuration information can improve the security of your application by making it difficult for an intruder to gain access to the sensitive information even if the intruder gains access to your configuration file. Examples of sensitive information include user names, passwords, connection strings, and encryption keys . One of the primary places that sensitive information is stored in an ASP.NET application is the Web.config file. To help secure information in configuration files, ASP.NET provides a feature called protected configuration , which enables you to encrypt sensitive information in a configuration file. You can manage protected configuration using the ASP.NET IIS Registration tool (Aspnet_regiis.exe) or the protected configuration classes in the System.Configuration namespace. To implement a protected configuration provider, you create a class that inherits the ProtectedConfigurationProvider abstract class from the System.Configuration namespace. The ProtectedConfigurationProvider abstract class inherits the ProviderBase abstract class from the System.Configuration.Provider namespace, so you must implement the required members of the ProviderBase class as well. You cannot use protected configuration to encrypt the configProtectedData section of a configuration file. You also cannot use protected configuration to encrypt the configuration sections that do not employ a section handler or sections that are part of the managed cryptography configuration.




Related Topics
  1. Asp.Net Interview Questions (Part-1)
  2. Asp.Net Interview Questions (Part-2)
  3. Advantages of ASP.NET Web Development
  4. What is IIS - Internet Information Server
  5. What is Virtual Directory
  6. What is HttpHandler
  7. Page Directives in Asp.Net
  8. What is a postback
  9. What is IsPostBack
  10. What is global.asax
  11. Difference between Machine.config and web.config
  12. Difference between HTML control and Web Server control
  13. What is Query String
  14. Difference between Authentication and Authorization
  15. How to secure Connection Strings
  16. What is ASP.Net tracing
  17. Passing values between Asp.Net pages
  18. Differentiate between client side validation and server side validation
  19. How to Get host domain from URL
  20. Adding a Favicon To Your Website
  21. Asp.Net Textbox value in Javascript
  22. AutoEventWireup attribute in ASP.NET
  23. Can I use multiple programming languages in a ASP.net Web Application?
  24. Difference: Response.Write and Response.Output.Write
  25. How many web.config files can I have in an application?
  26. Static variables, what is their life span?
  27. Difference between ASP Session and ASP.NET Session?
  28. What does mean Stateless?
  29. What is the Difference between session and caching?
  30. What are different types of caching using cache object of ASP.NET?
  31. Which method is used to remove the cache object?
  32. How many types of Cookies are available in ASP.NET?
  33. What is Page Life Cycle in ASP.net?
  34. What is the code behind and Inline Code in Asp.Net?
  35. What is master page in ASP.NET?
  36. Can you change a Master Page dynamically at runtime?
  37. What is cross-page posting in ASP.NET?
  38. How to redirect a page in asp.net without performing a round trip ?
  39. How to register custom server control on ASP.NET page?
  40. How do you validate Input data in Asp.Net?
  41. What's the difference between ViewData and ViewBag?
  42. Difference between Response.Redirect and Server.Transfer
  43. What is the function of the CustomValidator control?
  44. Define RequiredFieldValidator?
  45. Difference between custom control and user control
  46. Difference between Label and Literal control in ASP.Net
  47. What are the major events in Global.Asax file?
  48. What is Event Bubbling in asp.net ?
  49. What is Delay signing?
  50. What is the difference between in-proc and out-of-proc?
  51. What is the difference between POST and GET?
  52. A potentially dangerous Request.Form value was detected from the client