473,692 Members | 2,375 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Securing a split database without user level security

Hi !
I split a simple Access2K database ( shared on network )and placed
the files thusly :

x:\app\frontend .mdb

x:\app\back\bac kend.mdb

Problem :
I once read an article that laid out a "permission " scheme that ,
while not perfect, was effective at providing some protection ( from
outright deletion for example ). This scheme had one assign certain
permissions to the mdb's and other permissions for the folders where
they reside.

Can anyone help on this issue ?
I am not able to locate the original article nor recall it's details.

André in Montréal
Nov 12 '05 #1
7 3233
so******@hotmai l.com (Andy) wrote in message news:<50******* *************** ****@posting.go ogle.com>...
Hi !
I split a simple Access2K database ( shared on network )and placed
the files thusly :

x:\app\frontend .mdb

x:\app\back\bac kend.mdb

Problem :
I once read an article that laid out a "permission " scheme that ,
while not perfect, was effective at providing some protection ( from
outright deletion for example ). This scheme had one assign certain
permissions to the mdb's and other permissions for the folders where
they reside.

Can anyone help on this issue ?
I am not able to locate the original article nor recall it's details.

André in Montréal

Why don't you want to implement User-level security? It's not that
hard and is very effective.
Nov 12 '05 #2
Andy wrote:
Hi !
I split a simple Access2K database ( shared on network )and placed
the files thusly :

x:\app\frontend .mdb

x:\app\back\bac kend.mdb

Problem :
I once read an article that laid out a "permission " scheme that ,
while not perfect, was effective at providing some protection ( from
outright deletion for example ). This scheme had one assign certain
permissions to the mdb's and other permissions for the folders where
they reside.

Can anyone help on this issue ?
I am not able to locate the original article nor recall it's details.

André in Montréal


I take it you are talking about fiel system permissions?

Access required Read/Write permissions on the databases and
Read/Write/Create permissions for new files in the folder (to create the
LDB locking file).

I think that is it.... ?
--
regards,

Bradley
Nov 12 '05 #3
Rob
I've got to plug a book by Garry Robinson, "Real World MS Access
Database Protection and Security." A great resource if you want to
protect your database. Highly recommended.
Rob
Nov 13 '05 #4
Rob wrote:
I've got to plug a book by Garry Robinson, "Real World MS Access
Database Protection and Security." A great resource if you want to
protect your database. Highly recommended.
Rob


Can it stop an Access database being hacked? I can get past almost any
workgroup (with or without a workgroup file), database password and
encryption security.

I think the only way to secure a database properly is by starting off
removing access to the database file and use a "service" like
MSSQL/others use. Until you have physical security of the database file
you are fighting a lossing battle I reckon. :)

Thanks for the book idea, I might try and find a copy.
--
regards,

Bradley
Nov 13 '05 #5
Rob
No question, removing access to the files is the best way. However,
there are a number of things that can be done to make it 'difficult'
if not impossible that most people wouldn't think of or know to try.
Check out the book. Its definitely the most authoritative book I've
seen on the topic.
Rob
Nov 13 '05 #6
Rob wrote:
No question, removing access to the files is the best way. However,
there are a number of things that can be done to make it 'difficult'
if not impossible that most people wouldn't think of or know to try.
Check out the book. Its definitely the most authoritative book I've
seen on the topic.
Rob


I shall.

I agree...
eg.
Rename the database from .mdb to something else
Startup procedure or Autoexec macro in backend to shutdown database if
opened
etc.

:)
--
regards,

Bradley
Nov 13 '05 #7
The best way to protect the file from being deleted is

A) Back up the file often
B) Protect the file using Windows Security. This should be applied to
the folder that the database resides in. You can firstly setup
permissions in windows so that only accounts that you specify can use
the database rather than every account in your domain.

You can find an article on this at my web site vb123.com
http://www.vb123.com/toolshed/04_doc...p_security.htm
Once you have that up and running, you can make it very difficult for
an ordinary user to browse the database folder. This makes it very
difficult to delete the backend as you can make them really struggle
to find out the name of the file. I detail this in my book. Thanks
for the kind words above.

C) You can also maintain a connection/open to the database thereby
stopping anyone from deleting the file as it will be in use. Haven't
ever done anything on that but it shouldn't be too hard to do.

Renaming the database to an unknown filetype may hinder your backups
and administrators from finding the database and backing it and
recovering it as they will miss it in the searches.

On a different topic, have a say about what you want in Access 2006 at
vb123.blogspot. com

I have stated my points of view.

"Bradley" <br*****@REMOVE THIScomcen.com. au> wrote in message news:<HA******* ********@news-server.bigpond. net.au>...
Rob wrote:
No question, removing access to the files is the best way. However,
there are a number of things that can be done to make it 'difficult'
if not impossible that most people wouldn't think of or know to try.
Check out the book. Its definitely the most authoritative book I've
seen on the topic.
Rob


I shall.

I agree...
eg.
Rename the database from .mdb to something else
Startup procedure or Autoexec macro in backend to shutdown database if
opened
etc.

:)

Nov 13 '05 #8

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
2849
by: win2kcowboy | last post by:
Using VS2003, ASP.NET 1.1 Is it possible to secure files normally placed as attachments (such as word docs etc.) and often placed in attachment directories within your web application, using FORMS authentication and web.config and NOT using Active Directory/NTFS persmissions (_all_ users will come in under the ASPNET user account at the AD/NTFS level). I am familiar with the fact that placing the following few lines into web.config...
11
1896
by: Susan Bricker | last post by:
Greetings. I am looking for some advice on making a database secure. By secure, I mean that I want only certain people to have write access to the database and I want the updates to be permitted while other read-only users may be browsing and generating reports. I am working with MS/ACCESS 2000 and would like to split the database into a front-end and back-end and then put the back-end onto a shared drive that all of my group has access...
5
1351
by: ronchito | last post by:
Hi, I have a database that contains only one table. This table contains highly confidential/unique information that, if viewed or copied as a whole, would give away much of my company's intellectual property. So, obviously we don't want users to have direct access to view, modify, etc. this table. However, there is a form in this database that uses data from that table to calculate averages, etc. I'd like the form to have access to the...
7
2206
by: Tom | last post by:
Can anyone give me any advice on how to secure a folder on a network server so that documents in the folder can only be opened through an Access database or by the database admin. I need to store MS Word docs in a folder on a network server. The database admin will save the docs to the folder. The docs must be available to Word automation out of a specific Access database and available to the database admin out of MS Word. Only users of...
11
3427
by: Wm. Scott Miller | last post by:
Hello all! We are building applications here and have hashing algorithms to secure secrets (e.g passwords) by producing one way hashes. Now, I've read alot and I've followed most of the advice that made sense. One comment I've seen alot about is "securing the hashing routine" but no-one explains how to accomplish this. So how do I secure my hashing routine? Do I use code access security, role based security, ACLs, etc or combination?...
9
1783
by: carriolan | last post by:
Hi Hi As daft as it may sound I have carried out the approach detailed by Keith Wilby on his site www.keithwilby.com/ down to and inclusive of import objects. I have established that: 1. IPGAdmin is now a member of the ‘Admins’ group and owns the database and imported objects. 2. Admin the old user does not own the objects or the database and does not have any permissions.
4
2808
by: Stephen Poley | last post by:
Whenever anyone has a question about securing an Access database he/she is usually referred (unsurprisingly) to the Security FAQ. This is however incomplete/unclear with respect to databases with a separate front-end and back-end, which is rather surprising considering that all Access databases should be split into a separate front-end and back-end. Noticing that there are quite a lot of questions on this subject in the Access newsgroups...
3
2955
by: theProfessor | last post by:
We are using a shared split database with all users currently using Access 2003. The back end is on a shared drive of a state wide WAN. Each user has a copy of the front end on their local computer. I programmed and maintain the database. We have about 140 users with about a maximum of about 20 concurrent users. I use user level security to determine which of the three groups a user belongs to, and then VB Script and macros show the...
10
3364
by: Les Desser | last post by:
In article <fcebdacd-2bd8-4d07-93a8-8b69d3452f3e@s50g2000hsb.googlegroups.com>, The Frog <Mr.Frog.to.you@googlemail.comMon, 14 Apr 2008 00:45:10 writes Not sure if I quite follow that. 1. Data encrypted by AES key 2. AES key encrypted with Asymmetric public key (?)
0
8610
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
8544
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
9090
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
8968
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
1
8810
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
1
6462
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
4325
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
2
2242
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
1961
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.