This forum is closed. Thank you for your contributions.

Remove From My Forums

How secure are Credentials stored in a BizTalk SSO database?

Question
0

Sign in to vote

I'm trying to determine how secure the SSO database is. Essentially what I'd like to know is whether it is possible for anyone other than the user who stored their credentials in the store to retrieve them back out again.

consider this scenario:

1. As "DOMAIN\Scott" I store credentials in the SSO database

2. This database is compromised in such a way that the table data is stolen

3. The master secret on the master secret server is also compromised

Can they use this to decrypt the credentials? or do they need a Kerberos ticket from AD as well? If this is the case is there any way to encrypt data in such a way that a valid Kerberos ticket is the only way to get access to it?

Regards,

Scott

Sunday, October 21, 2012 4:10 AM

Answers

0

Sign in to vote
HI

If your administrator had created proper group to facilitate each group .. Then SSo is best place to store your config data..

As SSO Can be access by only SSO Administrator Group

But we normally configure with one ID which is not the proper way to setup.

Refer This

http://msdn.microsoft.com/en-us/library/ee251728%28v=bts.10%29.aspx

http://msdn.microsoft.com/en-us/library/aa560954%28v=bts.10%29.aspx

http://msdn.microsoft.com/en-us/library/ee251682%28v=bts.10%29.aspx
- Marked as answer by LeoTangModerator Sunday, October 28, 2012 2:57 PM
Monday, October 22, 2012 3:52 AM