Many early adopters of the Windows Azure platform still have a lot of questions about platform security and its cryptographic support. Here, I'll introduce some basic concepts of encryption and related security in Windows Azure platform. It may take a lot of space to elaborate on this topic, so I'm just going to explain and revisit some of the cryptographic services and providers in Windows Azure. Any transition to Windows Azure can also have some security implications.
You will face new challenges for any new platform or service delivery approach. Also remind you that some typical problems still exist, even some of the same solutions you used in the past will still work. Any application engineer or designer should consider this topic carefully because it is related to the type of data you might store and need to keep. Combining this approach with a systematic approach will provide you and your customers with quality services.
So why do I think this information is needed in the developer community? Over the past few months, I've found more and more articles on the basic security of Azure in community sites. Microsoft recommends encryption as part of the application-tier data that protects Azure projects. However, the product designers and developers who build the Windows Azure platform need to understand the encryption and. NET security models correctly.
I found one thing: the percentage of articles specific to cryptographic services and key stores is increasing. This is especially true for Windows Azure Storage services. This aroused my curiosity, and I found that it was a topic worthy of further discussion.
In the process of writing this article, I will use the cryptographic service provider (CSP) in large numbers to implement cryptographic standards, algorithms, and functions in the system programming interface. For the purposes of this article, I will use the symmetric encryption algorithm provided by the Rijndael encryption class.
Cryptography Basics
The Windows Azure SDK extends the core. NET Library, allowing developers to integrate and use services provided by Windows Azure. Access to the CSP is not limited to Windows Azure projects and services. This means that many of your development related to encrypting and decrypting data will be consistent with the assembly you are accustomed to using. However, there are some changes to the basic architecture, that is, the time or location of the data being encrypted, and the location and manner in which the key is stored. Some of the key data and confidential data persistence are discussed later in this article.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.