Secure xml messages being read from database into app

I have an app that reads xml from a database using NHibernate Dal. The dal calls stored开发者_如何学JAVA procedures to read and encapsulate the data from the schema into an xml message, wrap it up to a message and enqueue it on an internal queue for processing.

I would to secure the channel from the database reads to the dequeue action. What would be the best way to do it. I was thinking of signing the xml using System.Security.Cryptography.Xml namespace, but is their any other techniques or approaches I need to know about?

Any help would be appreciated. Bob.

The two things you need to be privy to are constraining access to data in transit and filtering input in prevention of code injection.

There are multiple way to constrain the data in transit, but they not be practical for your application configuration. By not securing that tranmission the data is open to eavesdropping and interference. You can digitally sign the packets as this would provide a mechanism for authentication. You can encrypt the data as this would provide confidentiality. You can also perform a hash comparison upon the final payload as this would provide integrity. If you are not taking into account confidentiality, integrity, or authorization then you have no security.

As far as the best way that I do not know. The best way is what is most efficient with regard to processing and I/O versus the degree of risk that is acceptable to your organization.