Is the usage of Isolated Storage in Silverlight 3 a security concern

Posted by Prashant on Stack Overflow See other posts from Stack Overflow or by Prashant
Published on 2010-03-24T13:07:18Z Indexed on 2010/03/24 13:33 UTC
Read the original article Hit count: 578

Filed under:

Silverlight

|

silverlight-3.0

|

isolatedstorage

|

session-state

I am using Silverlight 3 on my website. I have a Login Page for role based authentication, that routes users with different privileges to different parts of the website. I want to use something analogous to the Session Variables available in standard ASP.Net applications.

I intend to use Isolated Storage to achieve this. But I am skeptical about security in this option, as the Isolated Storage exists on the client side, and can be manipulated on client side. I am new to the Isolated Storage concept and don't know about the security options provided by it in terms of Encryption and server-side validation etc. If any of you have used it or are aware of the security provided in this case, could you please shed some light on the same.

Thanks

© Stack Overflow or respective owner

Related posts about Silverlight

Silverlight 4 Released

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
The final release of Silverlight 4 is now available. What is in the Silverlight 4 Release Silverlight 4 contains a ton of new features and capabilities. In particular we focused on three scenarios with this release: Further enhancing media support Building great business… >>> More
Performance of Silverlight Datagrid in Silverlight 3 vs Silverlight 4 on a mac

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm using Silverlight Beta 4 for a LOB application. After finding out today that I'll have to wait perhaps 4 months to be able to develop with SL4 on Visual Studio 2010 I'm thinking I need to downgrade my application to SL3 but thats another question. The problem is I'm noticing absolutely abismal… >>> More
Silverlight TV 15: Announcing Silverlight 4 RC at MIX 10

as seen on Dot net Slackers - Search for 'Dot net Slackers'
John and Adam discuss Silverlight 4 RC, following up the MIX10 keynote announcement of Silverlight 4 RC by discussing what is new and what materials have been released on the Channel 9 learning center website. They cover their picks for some of the most impactful features in Silverlight 4 RC… >>> More
Silverlight TV 14: Developing for Windows Phone 7 with Silverlight

as seen on Dot net Slackers - Search for 'Dot net Slackers'
Silverlight TV is here at MIX10 where Windows Phone 7 (WP7) and Silverlight just became the best match since peanut butter and chocolate! Mike Harsh, Program Manager for the Silverlight team working on WP7, joins John Papa to demonstrate the WP7 device and the tooling used to create applications for… >>> More
Silverlight Commands Hacks: Passing EventArgs as CommandParameter to DelegateCommand triggered by Ev

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Today I've tried to find a way how to pass EventArgs as CommandParameter to DelegateCommand triggered by EventTrigger. By reverse engineering of default InvokeCommandAction I find that blend team just ignores event args.To resolve this issue I have created my own action for triggering delegate commands… >>> More

Related posts about silverlight-3.0

Silverlight 4 Released

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
The final release of Silverlight 4 is now available. What is in the Silverlight 4 Release Silverlight 4 contains a ton of new features and capabilities. In particular we focused on three scenarios with this release: Further enhancing media support Building great business… >>> More
Performance of Silverlight Datagrid in Silverlight 3 vs Silverlight 4 on a mac

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm using Silverlight Beta 4 for a LOB application. After finding out today that I'll have to wait perhaps 4 months to be able to develop with SL4 on Visual Studio 2010 I'm thinking I need to downgrade my application to SL3 but thats another question. The problem is I'm noticing absolutely abismal… >>> More
Silverlight TV 15: Announcing Silverlight 4 RC at MIX 10

as seen on Dot net Slackers - Search for 'Dot net Slackers'
John and Adam discuss Silverlight 4 RC, following up the MIX10 keynote announcement of Silverlight 4 RC by discussing what is new and what materials have been released on the Channel 9 learning center website. They cover their picks for some of the most impactful features in Silverlight 4 RC… >>> More
Silverlight TV 14: Developing for Windows Phone 7 with Silverlight

as seen on Dot net Slackers - Search for 'Dot net Slackers'
Silverlight TV is here at MIX10 where Windows Phone 7 (WP7) and Silverlight just became the best match since peanut butter and chocolate! Mike Harsh, Program Manager for the Silverlight team working on WP7, joins John Papa to demonstrate the WP7 device and the tooling used to create applications for… >>> More
Silverlight Commands Hacks: Passing EventArgs as CommandParameter to DelegateCommand triggered by Ev

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Today I've tried to find a way how to pass EventArgs as CommandParameter to DelegateCommand triggered by EventTrigger. By reverse engineering of default InvokeCommandAction I find that blend team just ignores event args.To resolve this issue I have created my own action for triggering delegate commands… >>> More