How to securely pass user credentials from server to client?

My goal is to run the installation with administrator credentials (user with installation rights). To do this, I need to pass these user credentials from the web service. So the question is, what is the safest way to pass this data. Remember, the end client user is not logged in as an administrator, but I am assuming they have access to data during transport (i.e. I cannot rely on the security of the channel.)

Myclient code is a vb or c # application using asp.net web service.

+1


source to share


2 answers


The encryption will protect the admin credentials during transport from the WebService to the application memory as specified by gedevan.



Do you mean that you also want to protect them from the user who runs the application? Keep in mind that he is the owner of your process, so with the right equipment and a lot of determination, he should be able to retrieve credentials from the process's memory.

+1


source


Using body encryption (WS-Encryption) paired with HTTPS is pretty safe in most cases.



0


source







All Articles