locked
Secure File Transfer and Storage RRS feed

  • Question

  • User-1209063919 posted

    I would like to be able to give my users the ability to securely upload and store files, sometimes upwards to about a gigabyte in size. I'm not quite sure what's the best way to go about doing this. I would like to have the connection between the client and the server secured, so I'm sure I will probably have to use SSL. Now, my major crux is secure storage. Being that the data is somewhat sensitive, I'm wondering if I should encrypt the file before it is stored. I guess my question is, should I open the file and encrypt each byte or encrypt the file as a whole. I'm assuming that the latter is the better option. I know that there are a number of examples of how to encrypt a file using a number of different methods (aes, des, md5 (hashing not really encrypting), etc). Currently, to encrypt text, I am using the Rijndael algorithm, sha1, 256 bit keys, a predefined passphrase, salt value, and IV.

     

    Thanks in advance for any help you may be able to lend...

     

    Jim

    Monday, February 21, 2011 2:52 PM

Answers

All replies

  • User-1946294156 posted

    It sounds as if you are on the right track.  I would just encrypt the file.  It is not worth processing the file to encrypt the data inside of it.  Plus, I believe it is the standard to encrypt the file in PCI. 

    Monday, February 21, 2011 8:36 PM
  • User1957418580 posted

    I'm curious as to why this is sent to the ASP .NET forum.  Did you have a question specific for ASP .NET - do you want to do this through ASP .NET code?  I would really suggest finding an upload mechanism.  IIS 7 supports FTP over SSL for example:

    http://learn.iis.net/page.aspx/310/what-is-new-for-microsoft-and-ftp-75/

     

    HTH

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Saturday, February 26, 2011 10:48 AM