Click here to Skip to main content
15,905,776 members
Search within:


How do I maintain software registration process in a safe way making client unaware of expire date data in database.
Please Sign up or sign in to vote.
1.00/5 (1 vote)
I have to deploy my asp.net website into field.. Here, the fee of website is charged annually. In order to do so, I have decided to create a table in database named Register that will store installation date and expire date of that software in encrypted form. for adding dates for software renewal, I have decided to run script in Sql. However, my concern is client might themselves add date in register tables and extend the life of their usages.

I am new to deploying software this way. How can i perform this action in safe way!! is there alternative to this way of extending dates!!!
Posted
Add a Solution
Comments
Sergey Alexandrovich Kryukov 27-Jul-14 12:18pm    
I hope you want to hide the information on expiration data storage, not the expiration date itself; is that true?
Does it mean that the user has access to the same database as the one used for strong user records? It would be utterly impractical?..
—SA
Codes DeCodes 27-Jul-14 12:26pm    
ya SA. I am new so was unaware... I was planning to encrypt expire date and store in same database.. Which practice will you recommend is best to do so???

2 solutions

Please see my comment to the question.

Now, how do you think: what is the multi-tier architecture for? Let's follow the simple logic: you mentioned both SQL server and ASP.NET in your question tags. It means that you can have your database server, HTTP server and customers on at least three different tiers. The multi-tier architecture allows you to isolate the user from direct access to the database server(s). Even if you, by some reason, keep the database server, the database, and the HTTP server on the same physical host, they should be different tiers.

That way, on the user tier, the users should have access even to their own data not directly through the database server, but through your ASP.NET site. All the data is handled internally in the code behind on server-side host. Everything would be standard here: authentication, different permissions for different account, and special administration accounts where you can have access to user permissions and all related attributes, including expiration days.

—SA
 
Share this answer
 
Posted
Comments
Codes DeCodes 27-Jul-14 12:40pm    
thanks SA.. I am storing expire date in same database server where user records reside. My issue .is in doing so, expire date is exposed to client so is vulnerable. How can I keep expire date secure away from user!!! Is expiration data storage you mentioned above a jargon of Visual Studio i done know!!! Because i am looking for such jargon of SQL or VS to keep there information secure from client
Sergey Alexandrovich Kryukov 27-Jul-14 13:39pm    
This is not the obstacle yet. As soon as you isolate the user from direct access to the database server, you will be fine. I already answered your question in full. If you still did not get it, please don't repeat your question (apparently, I already read it). Instead, ask if you cannot understand something in my answer.
—SA
What you want to do is encrypt the value you are storing in the database. That way, if they tamper with it when you try to decode it you'll get an invalid value and can choose to block the app at that point.

Here are a couple of articles from this site on how to do encryption. Just encrypt your data and store in the database.

.NET Encryption Simplified[^]

ASP.NET data encryption / decryption made easy[^]
 
Share this answer
 
Posted
Comments
Codes DeCodes 28-Jul-14 1:50am    
thanks ryan.. I will try this and return to you...
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
Maintain Software Expiry date at client side
Signup during registration is not registering users to the database record?
Progress Bar And Data Process
how to maintain our database in client system
How do I install client server software at client side
Create and maintain Session in mvc3
What can I do if the process cannot exit due to UIA event registration
C# Registration problem
How to Set Expiration of software in C#
Wether to process data on Client Side or Server...???

Advertise
Privacy
Cookies
Terms of Use
Last Updated 27 Jul 2014
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web01 2.8:2024-05-23:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900