C# 加密类和列表<;T>;
假设我们有一个数据对象,C# 加密类和列表<;T>;,c#,design-patterns,C#,Design Patterns,假设我们有一个数据对象,Patient,我们正在将一个列表绑定到一个UI小部件 public class Patient { public Patient(){} public string Name {get;set;} public string MedicalNotes {get;set;} } 我们希望在将记录写入数据库之前对MedicalNotes属性的内容进行加密(假设我们是一家小公司,无法支付提供透明加密功能的SQL数据库的许可费),并在将列绑定到UI小部
Patient
,我们正在将一个列表
绑定到一个UI小部件
public class Patient
{
public Patient(){}
public string Name {get;set;}
public string MedicalNotes {get;set;}
}
我们希望在将记录写入数据库之前对MedicalNotes
属性的内容进行加密(假设我们是一家小公司,无法支付提供透明加密功能的SQL数据库的许可费),并在将列绑定到UI小部件之前对其内容进行解密
public class Patient
{
public Patient(){}
public string Name {get;set;}
public string MedicalNotes {get;set;}
}
我们是否实例化一个singletonCrypto类并将其引用提供给Patient
构造函数,以便列表中的每个Patient对象都可以调用加密对象的方法
或者加密实例是否位于
患者
对象之外,并在数据库IO类和列表
之间进行调解?您说过,您的数据库层需要这种额外的安全性。所以我猜它属于那一层。保存前加密,加载后解密。您说过您的数据库层需要这种额外的安全性。所以我猜它属于那一层。保存前加密,加载后解密。如果我是你,我会将其分为3层,模型层不关心加密过程,数据库也不关心。这些责任必须由另一方承担:
模型层:
public class Patient
{
public string Name { get; set; }
public string MedicalNotes { get; set; }
}
public static class PatientDb
{
public static void SavePatient(Patient patient)
{
//whatever happens here, you didn't post this
}
}
public class PatientHelpers
{
public void SavePatient(Patient unencryptedPatient)
{
var encrypted = Crypto.EncryptPatient(unencryptedPatient);
PatientDb.SavePatient(encrypted);
}
}
public static class Crypto
{
public Patient EncryptPatient(Patient patient)
{
//whatever happens here, you didn't post this
return patient;
}
}
数据库层:
public class Patient
{
public string Name { get; set; }
public string MedicalNotes { get; set; }
}
public static class PatientDb
{
public static void SavePatient(Patient patient)
{
//whatever happens here, you didn't post this
}
}
public class PatientHelpers
{
public void SavePatient(Patient unencryptedPatient)
{
var encrypted = Crypto.EncryptPatient(unencryptedPatient);
PatientDb.SavePatient(encrypted);
}
}
public static class Crypto
{
public Patient EncryptPatient(Patient patient)
{
//whatever happens here, you didn't post this
return patient;
}
}
中间层:
public class Patient
{
public string Name { get; set; }
public string MedicalNotes { get; set; }
}
public static class PatientDb
{
public static void SavePatient(Patient patient)
{
//whatever happens here, you didn't post this
}
}
public class PatientHelpers
{
public void SavePatient(Patient unencryptedPatient)
{
var encrypted = Crypto.EncryptPatient(unencryptedPatient);
PatientDb.SavePatient(encrypted);
}
}
public static class Crypto
{
public Patient EncryptPatient(Patient patient)
{
//whatever happens here, you didn't post this
return patient;
}
}
如果我是你,我会把它分成3层,你的模型层不关心加密过程,你的数据库也不关心。这些责任必须由另一方承担: 模型层:
public class Patient
{
public string Name { get; set; }
public string MedicalNotes { get; set; }
}
public static class PatientDb
{
public static void SavePatient(Patient patient)
{
//whatever happens here, you didn't post this
}
}
public class PatientHelpers
{
public void SavePatient(Patient unencryptedPatient)
{
var encrypted = Crypto.EncryptPatient(unencryptedPatient);
PatientDb.SavePatient(encrypted);
}
}
public static class Crypto
{
public Patient EncryptPatient(Patient patient)
{
//whatever happens here, you didn't post this
return patient;
}
}
数据库层:
public class Patient
{
public string Name { get; set; }
public string MedicalNotes { get; set; }
}
public static class PatientDb
{
public static void SavePatient(Patient patient)
{
//whatever happens here, you didn't post this
}
}
public class PatientHelpers
{
public void SavePatient(Patient unencryptedPatient)
{
var encrypted = Crypto.EncryptPatient(unencryptedPatient);
PatientDb.SavePatient(encrypted);
}
}
public static class Crypto
{
public Patient EncryptPatient(Patient patient)
{
//whatever happens here, you didn't post this
return patient;
}
}
中间层:
public class Patient
{
public string Name { get; set; }
public string MedicalNotes { get; set; }
}
public static class PatientDb
{
public static void SavePatient(Patient patient)
{
//whatever happens here, you didn't post this
}
}
public class PatientHelpers
{
public void SavePatient(Patient unencryptedPatient)
{
var encrypted = Crypto.EncryptPatient(unencryptedPatient);
PatientDb.SavePatient(encrypted);
}
}
public static class Crypto
{
public Patient EncryptPatient(Patient patient)
{
//whatever happens here, you didn't post this
return patient;
}
}
在我看来,
Patient
类不应负责加密自身或将自身保存到数据库中。它应该代表一个病人。@艾米:我倾向于同意你的看法。你如何将你的模型存储在数据库中?一些虫子?普通的老SQL?XML序列化?而且不需要任何单例类,无论是加密类还是其他类!从SQL Server 2016 SP1开始,所有版本的SQL Server.IMO都提供了“始终加密”功能,Patient
类不应负责自身加密或将自身保存到数据库中。它应该代表一个病人。@艾米:我倾向于同意你的看法。你如何将你的模型存储在数据库中?一些虫子?普通的老SQL?XML序列化?而且不需要任何单例类,无论是加密类还是其他类!从SQL Server 2016 SP1开始,所有版本的SQL Server都提供“始终加密”。谢谢。我喜欢这种关注点的分离。当SELECT命令返回一个数据表,并且每一行都映射到一个Patient
对象时,任何加密的列在被分配到相应的Patient属性之前都会被解密。谢谢。我喜欢这种关注点的分离。当SelectCommand返回一个数据表,并且每一行都映射到一个Patient
对象时,任何加密的列在被分配到相应的Patient属性之前都会被解密。