Skip to content
DataMiner DoJo

More results...

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
Search in posts
Search in pages
Log in
Menu
  • Blog
  • Questions
  • Learning
    • E-learning Courses
    • Open Classroom Training
    • Certification
      • DataMiner Fundamentals
      • DataMiner Configurator
      • DataMiner Automation
      • Scripts & Connectors Developer: HTTP Basics
      • Scripts & Connectors Developer: SNMP Basics
      • Visual Overview – Level 1
      • Verify a certificate
    • Tutorials
    • Video Library
    • Books We Like
    • >> Go to DataMiner Docs
  • Expert Center
    • Solutions & Use Cases
      • Solutions
      • Use Case Library
    • Markets & Industries
      • Media production
      • Government & defense
      • Content distribution
      • Service providers
      • Partners
      • OSS/BSS
    • DataMiner Insights
      • Security
      • Integration Studio
      • System Architecture
      • DataMiner Releases & Updates
      • DataMiner Apps
    • Agile
      • Agile Webspace
      • Everything Agile
        • The Agile Manifesto
        • Best Practices
        • Retro Recipes
      • Methodologies
        • The Scrum Framework
        • Kanban
        • Extreme Programming
      • Roles
        • The Product Owner
        • The Agile Coach
        • The Quality & UX Coach (QX)
    • DataMiner DevOps Professional Program
  • Downloads
  • More
    • Feature Suggestions
    • Climb the leaderboard!
    • Swag Shop
    • Contact
      • General Inquiries
      • DataMiner DevOps Support
      • Commercial Requests
    • Global Feedback Survey
  • PARTNERS
    • All Partners
    • Technology Partners
    • Strategic Partner Program
    • Deal Registration
  • >> Go to dataminer.services

AdHocDataSource – UI or option to pass some input parameters that are hardcoded and sensible

Solved607 views3rd July 2024adhocdatasource hardcodedinformation security
3
Jon Corral [SLC] [DevOps Enabler]464 3rd July 2024 0 Comments

Hello Dojo,

I am working on a code that has some hardcoded information that is sensible and would like to give an extra level of security to. Right now this information is formed by two strings that are being passed hardcoded.

The idea is to try to get some kind of UI that allows the user to include these parameters, to write those parameters to an encrypted file and to pass this to the AdHocDataSource, which should be able to decrypt that file and extract these strings. Is this possible?

If this is not possible, I am wondering if there is any other smarter way to find a solution to this use case and give that extra layer of security.

Thank in advance

Jon Corral [SLC] [DevOps Enabler] Selected answer as best 3rd July 2024

1 Answer

  • Active
  • Voted
  • Newest
  • Oldest
2
Joachim Ally [SLC] [DevOps Enabler]1.57K Posted 3rd July 2024 1 Comment

Hi Jon,

What I was thinking that could be an idea to achieve this:

  • Create a very tiny protocol with a parameter with the "save"-attribute and that is writeable and has measurement type string with option "password".  The user is then able to set this password safely in Cube already.
  • To elaborate this, you could write an Interactive Automation Script, that you can embed in an elegant way in your Low Code App, where you can let the user type in a password, by using the "PasswordBox" . This could then in the background let the password be saved in that element.
  • In your Ad Hoc Data Source, you can only store "encrypted strings" hardcoded, and use that password in the element parameter to actually decrypt it and show it. In this way, when a user for example checks the Ad Hoc Data Source in the Automation module, he will only see the encrypted string. Also if you were to push your code to a github solution published on a repo, you would not risk that sensitive date is leaked.
  • I think on the internet there are many examples on using a password, encrypt and decrypt strings, one of the more recent good examples I found was via this link : A straightforward way in C# .NET to encrypt and decrypt a string using AES | Asp.Net Core, Angular, Xamarin and Maui (wordpress.com) . Just for future reference, in case that the link could break maybe in the future, I will also copy-paste it below. Of course you can go one step further, and start to work with public and private keys, but that's only going to add value if you also want users to give the possibility to pass on sensitive data. Based on your information, I think you only want to let the users read sensitive date (if they have the password) and in that case one password is enough.

Maybe there are better ways, but I hope this maybe can help you already.

Kind regards,
Joachim

using System;
using System.IO;
using System.Security.Cryptography;
namespace MyNiceApp;

    class Program
    {
        static void Main(string[] args)
        {
            // The plaintext string
            string plaintext = "Hello, Baha'is of the World!";

            // The password used to encrypt the string
            string password = "my-secret-ian-password";

            // Encrypt the string
            string encrypted = EncryptString(plaintext, password);

            // Decrypt the encrypted string
            string decrypted = DecryptString(encrypted, password);

            // Print the original and decrypted strings
            Console.WriteLine("Original:  " + plaintext);
            Console.WriteLine("Decrypted: " + decrypted);
        }

        static string EncryptString(string plaintext, string password)
        {
            // Convert the plaintext string to a byte array
            byte[] plaintextBytes = System.Text.Encoding.UTF8.GetBytes(plaintext);

            // Derive a new password using the PBKDF2 algorithm and a random salt
            Rfc2898DeriveBytes passwordBytes = new Rfc2898DeriveBytes(password, 20);

            // Use the password to encrypt the plaintext
            Aes encryptor = Aes.Create();
            encryptor.Key = passwordBytes.GetBytes(32);
            encryptor.IV = passwordBytes.GetBytes(16);
            using (MemoryStream ms = new MemoryStream())
            {
                using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
                {
                    cs.Write(plaintextBytes, 0, plaintextBytes.Length);
                }
                return Convert.ToBase64String(ms.ToArray());
            }
        }

        static string DecryptString(string encrypted, string password)
        {
            // Convert the encrypted string to a byte array
            byte[] encryptedBytes = Convert.FromBase64String(encrypted);

            // Derive the password using the PBKDF2 algorithm
            Rfc2898DeriveBytes passwordBytes = new Rfc2898DeriveBytes(password, 20);

            // Use the password to decrypt the encrypted string
            Aes encryptor = Aes.Create();
            encryptor.Key = passwordBytes.GetBytes(32);
            encryptor.IV = passwordBytes.GetBytes(16);
            using (MemoryStream ms = new MemoryStream())
            {
                using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
                {
                    cs.Write(encryptedBytes, 0, encryptedBytes.Length);
                }
                return System.Text.Encoding.UTF8.GetString(ms.ToArray());
            }
        }
    }

Jon Corral [SLC] [DevOps Enabler] Selected answer as best 3rd July 2024
Jon Corral [SLC] [DevOps Enabler] commented 3rd July 2024

This is a great approach Joachim! Thanks for the help

You are viewing 1 out of 1 answers, click here to view all answers.
Please login to be able to comment or post an answer.

My DevOps rank

DevOps Members get more insights on their profile page.

My user earnings

0 Dojo credits

Spend your credits in our swag shop.

0 Reputation points

Boost your reputation, climb the leaderboard.

Promo banner DataMiner DevOps Professiona Program
DataMiner Integration Studio (DIS)
Empower Katas

Recent questions

Web Applications exception in Cube due to invalid certificate 0 Answers | 0 Votes
Redundancy Groups and Alarming – Duplicate Alarms 0 Answers | 0 Votes
Correlation Engine: “Test rule” doesn’t result in a hit, despite functional rule 1 Answer | 3 Votes

Question Tags

adl2099 (115) alarm (62) Alarm Console (82) alarms (100) alarm template (83) Automation (223) automation scipt (111) Automation script (167) backup (71) Cassandra (180) Connector (109) Correlation (69) Correlation rule (52) Cube (151) Dashboard (194) Dashboards (188) database (83) DataMiner Cube (57) DIS (81) DMS (71) DOM (140) driver (65) DVE (56) Elastic (83) Elasticsearch (115) elements (80) Failover (104) GQI (159) HTTP (76) IDP (74) LCA (152) low code app (166) low code apps (93) lowcodeapps (75) MySQL (53) protocol (203) QAction (83) security (88) SNMP (86) SRM (337) table (54) trending (87) upgrade (62) Visio (539) Visual Overview (345)
Privacy Policy • Terms & Conditions • Contact

© 2025 Skyline Communications. All rights reserved.

DOJO Q&A widget

Can't find what you need?

? Explore the Q&A DataMiner Docs

[ Placeholder content for popup link ] WordPress Download Manager - Best Download Management Plugin