Possible to prevent encryption of a string column?



Is it possible to prevent encryption of a particular string column (e.g. through the use of Attributes or another means)?



dangriffin wrote Jan 14, 2014 at 12:16 AM

Can you provide any additional information about why you want to use SecurEntity but not encrypt a string column?

Regarding potential implementation, an Attribute would be one way. We don't currently have any Attribute-based behaviors in SecurEntity, so we'd need to think about the ramifications of that approach.

Another approach that might be more consistent with the current implementation would be to add an optional override to the SecurEntityLib.SecurEntity base class. The override could return a list of columns to exclude from encryption.

leahcimp wrote Jan 14, 2014 at 3:49 AM

I can give you specific example why I'd like to prevent a string column from being encrypted:

I am using ASP.NET Identity tables, plus my own "secure" table:

User table (ASP.NET Identity)
  • Id : string (PK; though Guid format)
  • (other columns...)
UserSecure table (my table for data that needs to be encrypted, e.g. name, email address, etc)
  • Id : Guid/uniqueidentifier (PK)
  • UserId : string (FK to User:Id)
  • (other string columns, to be encrypted with SecurEntity)
As you can see, the UserSecure:UserId is a FK string to User:Id. I prefer that UserSecure:UserId NOT be encrypted so that I can query on this table without having to decrypt all of the rows. Therefore, I'd like to somehow prevent the UserSecure:UserId column from being encrypted.

As a workaround, I will probably make the UserSecure:UserId column a uniqueidentifier (Guid) type and convert to/from string as needed.

I'd welcome your thoughts about this if you see a different or better approach.

Thanks for providing SecurEntity -- it's a huge help!