i think for acquiring 100 % secure data transfer between forms on client side and c# code on server side ? my tools : i use IIS as my server and i wonder how can i reach for latest security that can be acquired in ASP.net forms and c# server side codes.
Asked
Active
Viewed 262 times
0
-
1Don't try to roll your own encryption, use SSL/TLS as it has already been proven. – David Houde Apr 06 '14 at 10:10
-
possible duplicate of [Does an established ssl connection mean a line is really secure](http://security.stackexchange.com/questions/5/does-an-established-ssl-connection-mean-a-line-is-really-secure) – Xander Apr 06 '14 at 11:31
1 Answers
3
No With current technology there is no 100% secure way to transfer data over the Internet.
The best you can hope for is to follow standard best practice. In which case you need to:
- Secure your web server - apply patches, hardened config, firewall
- Secure your application - code to the OWASP top 10, avoid SQL injection, etc.
- Use SSL to protect data in transit
Despite all these precautions there remains some risk. For example, one of your users might have malware on their computer, which captures all their web traffic.
paj28
- 32,736
- 8
- 92
- 130
-
1+1 Adding to the above: Using SSL might require to trust the involved [CA](http://en.wikipedia.org/wiki/Certificate_Authority) which also defeats 100% security goal :) – humanityANDpeace Apr 06 '14 at 10:09