I got my answer. If keys are not deleted from the key ring, there is no issue in decrypting the old data.
PII PHI data encryption using data protection api

Somnath Shukla
I am using the Data Protection API in ASP.NET Core 3.1. I have PII and PHI data in the database. Can I use the Data Protection API to encrypt the data? What if my data is not accessed for more than 6 months? How will key rotation affect that?
@Somnath Shukla, thanks for the question! As you have added the 'Azure' tag, I just wanted to confirm: are you leveraging Azure App Service or hosting the website on an Azure VM?
Hope the document provided by FeiHan-MSFT would help in your scenario/requirement.
Hi @Fei Han - MSFT, I know how to use the Data Protection API. My question is: as I am using it for PHI data, is that a correct design? Is there any impact in the long term on my data?
I am more worried about this: let's say 1 record is encrypted and not accessed for 6 months. In between, my keys got rotated. How will this work?
@Somnath Shukla, as you mentioned in your new post, as long as the key(s) (even if retired) remain on the system, the app can decrypt any data protected with them. For detailed information about "Data Protection key management and lifetime in ASP.NET Core", please check this doc: https://learn.microsoft.com/en-us/aspnet/core/security/data-protection/configuration/default-settings?view=aspnetcore-5.0
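The behaviour described in the answer above, as an added example (not part of the original thread and not Microsoft's sample code): a console program that protects a value, adds a new key to a persisted key ring, reads the old value back, and then fails once the key ring no longer holds the original key. The application name, purpose string, sample value and temporary directories are assumptions made for the demo; it needs the Microsoft.AspNetCore.DataProtection and Microsoft.Extensions.DependencyInjection packages.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.DataProtection.KeyManagement;
using Microsoft.Extensions.DependencyInjection;

static class KeyRingDemo
{
    // Builds a provider whose key ring is persisted as XML files in keyDir.
    static ServiceProvider Build(string keyDir)
    {
        var services = new ServiceCollection();
        services.AddDataProtection()
                .SetApplicationName("phi-demo")               // hypothetical app name
                .PersistKeysToFileSystem(new DirectoryInfo(keyDir));
        return services.BuildServiceProvider();
    }

    static void Main()
    {
        // Assumption: throwaway temp directories stand in for durable key storage.
        string root = Path.Combine(Path.GetTempPath(), "dp-demo-" + Guid.NewGuid());
        const string purpose = "Patients.Diagnosis";          // hypothetical purpose string

        using var app = Build(Path.Combine(root, "keys"));
        var protector = app.GetRequiredService<IDataProtectionProvider>().CreateProtector(purpose);
        string stored = protector.Protect("constructed sample PHI value");

        // Simulate a rotation: add a new key; the older key stays in the ring.
        var keyManager = app.GetRequiredService<IKeyManager>();
        keyManager.CreateNewKey(DateTimeOffset.Now, DateTimeOffset.Now.AddDays(90));
        foreach (var key in keyManager.GetAllKeys())
            Console.WriteLine($"{key.KeyId} expires {key.ExpirationDate:u} revoked={key.IsRevoked}");

        // The payload records the id of the key that protected it, so the
        // old record still decrypts while that key remains in the ring.
        Console.WriteLine("after rotation: " + protector.Unprotect(stored));

        // Failure mode: same app name and purpose, but a key ring without the original key.
        using var lostKeys = Build(Path.Combine(root, "empty"));
        var orphan = lostKeys.GetRequiredService<IDataProtectionProvider>().CreateProtector(purpose);
        try { orphan.Unprotect(stored); }
        catch (CryptographicException ex) { Console.WriteLine("key missing: " + ex.Message); }
    }
}
```

For data that sits untouched for months, the key directory (or whichever key store is configured) has to be backed up and retained for as long as the ciphertext it protects.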