Securing SQL Connection String

Securing authentication information used to establish connection between two applications is one of the most critical aspects of application security. This paper will focus on protecting connection strings used to authenticate communication between the web server and the back-end database. We will discuss and evaluate the vast array of options available for storage and protection of the connection strings. Because connection strings are dependent on the type of data source used, we will be specifically referring to the connection strings used to connect to the SQL Server in the Windows environment.