database security (1 Viewer)

[NickNeville]

Good Morning all
would anyone be able to help me about a Q on security please.
I am trying to make areas of my database secure but have a little success in understanding the various levels of the process.
Is there a book or easy to follow manual / web site which goes thru the process so that a simpleton like me can understand !

Your help most appreciated on this.

Nick

 

[HiTechCoach]

Nick,

Unfortunately implementing Database security is a very complex task.

The way I look at creating a security model it this:
"If it was really easy to create/implement, then it probably will be really easy to bypass."

With Access it is difficult to really be very secure. The best you can hope for is to put up enough road blocks that most people will give up trying to crack the security model.


There are two basic methods:

1) Use the depreciated built-in User Level Security. Itt is currently not support int he new Access 2007/2010 (.accdb or ACE ) format.

See: Microsoft Access User-Level Security

2) Create your own.

a) Interact with Windows to get the current user and base authentication on this user. Works well when using a domain (PDC). And also with an SQL server back end for additional security.

b) Create your own user log in system for authentication.

Here is an example: Boiler Plate Database

 

[gemma-the-husky]

i think the underlying reason it is not easy, is that underneath it all, Access is just another desktop app, like word or excel, and adding security to access is hardly any different to adding security for those.

but what we do, is prevent users getting full use of access, by attempting to limit its use into a limited programmed environment. As such, a lot of stuff is about removing users ability to do stuff, rather than granting it, with a model that doesn't do this easily.

 

[HiTechCoach]

i think the underlying reason it is not easy, is that underneath it all, Access is just another desktop app, like word or excel, and adding security to access is hardly any different to adding security for those.

but what we do, is prevent users getting full use of access, by attempting to limit its use into a limited programmed environment. As such, a lot of stuff is about removing users ability to do stuff, rather than granting it, with a model that doesn't do this easily.

Well said.

 

[NickNeville]

Many thanks to both
I am soooo glad I'm not the only one !
I will take a look at the Boiler D/B, it sounds likexactly what I am looking for.
Thankyou again
Rgds
Nick

 

[gemma-the-husky]

the other thing is that the access security model is, if you will, a vertical model.

setting security prevents/allows permisisons for an entrie table/query/form.

----------------
now, if what you want is for a given form to allow certain actions for one cass of use, and others for a different user you can't do this.

You either need two forms, one for each class of user, or you need to hand code the special permissions. You can't use access securioty for this.

or, if you have several depots, and want to limit certain users to just interact with their own depot - you can't do this with a vertical security model, at all.