locked
Use Encryption in Lightswitch to be used in client side RRS feed

  • Question

  • Hi,
    I am using lightswitch for our intranet site. I am using MSSQL 2008 database and visual studio 2012. Can you suggest me a how to create a field where I shall enter an sensitive information (ex: SSN) which will be stored in the database encrypted.Later on I should be able to retrieve the data from the field, decrypt it and show on the screen.

    I can use the Cryptography function inside applicationDataServices class (which is inside the server folder) but cannot use it inside any file located inside Client folder. How to add a reference so that i can use Rijndael from any of the file inside the client folder. Or any work around?

    Summary: Need a datafield for SSN, Inside the database this should be encrypted. But the data should be decrypted before displaying to application users.

    -Thanks
    Musfiqur

    • Edited by musfiqur Tuesday, February 12, 2013 8:27 PM
    Tuesday, February 12, 2013 7:24 PM

Answers

  • I think the short answer to that is WCF RIA service.

    The long answer is the same but comes with an example. I wish I had a good one for you but unfortunately they have already been created and can be found if you search. I find the best solution is to go to WCF RIA Service: Combining Two Tables and follow the tutorials there on what to do. Michael has got some really good examples of joining intrinsic data as well as external data sources that should allow you to use the stored procedure in the way that you want to.

    Good luck and let us know how it goes :)


    If you found this post helpful, please mark it as helpful. If by some chance I answered the question, please mark the question as answered. That way you will help more people like me :)


    • Edited by Yann DuranModerator Thursday, February 14, 2013 3:27 AM Fixed link text
    • Marked as answer by musfiqur Thursday, February 14, 2013 4:52 PM
    Wednesday, February 13, 2013 10:16 PM

All replies

  • This encryption can be done at the database level. But as the lightswitch system used the entity framework as a backend you might have trouble calling it. Suggestion would be to use a custom odata provider and do the decryption calls inside that to the database.

    Encrypt a Column of Data


    Wednesday, February 13, 2013 12:07 AM
  • Thanks. Very good idea.

    I can do the encryption from database. But how to create the OData Provider that will store store a data encrypted and reply the data after decryption? 

    Is it possible to use a custom silverlight control?
    • Edited by musfiqur Wednesday, February 13, 2013 3:00 PM
    Wednesday, February 13, 2013 2:59 PM
  • I dont know how to decrypt the data and show it on the screen but as a helpful prod, how about using a stored procedure to do the saving of the record that will do the encryption for you?

    Natively, Lightswitch doesnt do stored procedures but that doesnt mean it isnt possible. Here is a link that may help you out in that respect.

    How to: Execute a Stored Procedure in LightSwitch

    HTH


    If you found this post helpful, please mark it as helpful. If by some chance I answered the question, please mark the question as answered. That way you will help more people like me :)


    • Edited by Yann DuranModerator Thursday, February 14, 2013 3:24 AM Modified link text (hope you don't mind Otis)
    Wednesday, February 13, 2013 4:54 PM
  • Thanks for the post. This procedure is ok for inserting. But I should also be able to decrypt using a stored procedure and show it decrypted in the screen.If this can be done, I shall accept your answer. The idea is something like these:

    id, SSN

    during insertion

    call procedure(id,SSN){

       encrypt SSN and store;

    [Your suggested way solves the above problem]

    during retrieval:

    getSSN(int id){

    return decrypt(SSN);

    }

    How to bind this result to a control in Lightswitch?

    Wednesday, February 13, 2013 6:04 PM
  • I think the short answer to that is WCF RIA service.

    The long answer is the same but comes with an example. I wish I had a good one for you but unfortunately they have already been created and can be found if you search. I find the best solution is to go to WCF RIA Service: Combining Two Tables and follow the tutorials there on what to do. Michael has got some really good examples of joining intrinsic data as well as external data sources that should allow you to use the stored procedure in the way that you want to.

    Good luck and let us know how it goes :)


    If you found this post helpful, please mark it as helpful. If by some chance I answered the question, please mark the question as answered. That way you will help more people like me :)


    • Edited by Yann DuranModerator Thursday, February 14, 2013 3:27 AM Fixed link text
    • Marked as answer by musfiqur Thursday, February 14, 2013 4:52 PM
    Wednesday, February 13, 2013 10:16 PM