Configuring Argument Encryption
When you configure an instance of Notification Services, you can encrypt arguments for delivery channels and hosted event providers that are stored in the instance and application databases. Encrypting these arguments in the database helps protect sensitive information.
Argument Encryption
Notification Services stores delivery channel and hosted event provider arguments in the instance and application databases. These arguments may contain sensitive information, such as user names and passwords. Encrypting these arguments before storing them in the database makes it difficult for a user with database access to acquire sensitive information.
If you enable argument encryption, you must provide an encryption key when you create and register the instance, and you must provide the same key when updating the instance.
When argument encryption is enabled, Notification Services encrypts the columns that store delivery channel and event provider argument values. When the instance's Windows service requires the arguments, it uses the encryption key you defined when registering the instance to decrypt the argument values.
Important
Argument encryption helps protect the data in the databases, but does not protect the data in XML or other plain-text files used to create and update instances and applications. To keep sensitive data out of the instance configuration file (ICF) and application definition file (ADF), you can use parameters and then provide values for the parameters when you create and update the instance. If using parameters is not a reasonable solution for your applications, secure the folders that contain the ICF and ADFs. For more information about using parameters, see Using Parameters in an Instance Configuration File.
Defining Argument Encryption
If you are configuring an instance of Notification Services through XML, enable argument encryption in the ICF. If you are configuring an instance of Notification Services programmatically, use Notification Services Management Objects (NMO) to enable argument encryption.
To enable argument encryption
- EncryptArguments Element (ICF)
- EncryptArguments property (NMO)
See Also
Concepts
Using Parameters in an Instance Configuration File
Other Resources
EncryptArguments Element (ICF)
Arguments Element (ICF)
Arguments Element for HostedProvider (ADF)
Instance Configuration File Templates
Configuring Instances of Notification Services