Serialize/Encrypt/Transmit Web Form Data to Web Service

I have an ASP.NET 1.1 fo开发者_如何学Crm gathering data on a public-facing site, within a DMZ. The data is represented by a serializable class. My problem is that I need to serialize, encrypt and transmit the data to a Web Service running on an internal server - the service logic should then decrypt and deserialize the data before writing the XML to a shared folder.

Can someone point me in the right direction? What's the most straightforward way of doing this?

Is it possible to use SSL to secure the Web Service on the internal server? This would seem to offer the protection you require.

If you don't have SSL, you will want to serialize the class to XML and then encrypt it. Then decrypt to the serialized XML format. You could then deserialize the XML files created on the share.

Encryption is fairly straightforward to program because you have a string of XML that you want to encrypt and decrypt. The challenge is with the choice of the encryption algorithm and the storage of encryption keys. You should read up on symmetric and assymetric encryption. If the key is exposed then an attacker can easily decrypt your data. Use file permissions to tightly control access.

The simplest option is to use symmetric keys and store the keys on the both ends. There are a number of examples and docs out there.