J
Javier Gomez
Is it any "substantial" deference between a "normal" MDE and encoded
MDE in terms of security ??
thanks in advance
Javier
MDE in terms of security ??
thanks in advance
Javier
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
T
TC
What do you mean by "encoded"?
TC
TC
J
Javier Gomez
Thanks for replaying !
Encoded means: tools-->security-->Encode
But ofcourse this process must be done it before convertion into a
MDE.
So a reapeat my question again:
If you have a DECODED MDB (normal) and you converted into a MDE, Which
is the deference betwenn doing it fron ENCODED MDB ?
Is the final MDE the same or Not??
Regards
Encoded means: tools-->security-->Encode
But ofcourse this process must be done it before convertion into a
MDE.
So a reapeat my question again:
If you have a DECODED MDB (normal) and you converted into a MDE, Which
is the deference betwenn doing it fron ENCODED MDB ?
Is the final MDE the same or Not??
Regards
R
Rick Brandt
Javier said:Thanks for replaying !
Encoded means: tools-->security-->Encode
But ofcourse this process must be done it before convertion into a
MDE.
So a reapeat my question again:
If you have a DECODED MDB (normal) and you converted into a MDE, Which
is the deference betwenn doing it fron ENCODED MDB ?
Is the final MDE the same or Not??
If encoded is the same as encrypted then you get the extra protection for *data*
that someone will not be able to open the file with Notepad or a hex editor and
be able to read anything. It shoud not make any difference in an MDE as far as
non-data is concerned.
J
Jeff Conrad
in message:
From memory I believe there is a slight performance hit with an encrypted file
compared to a "normal" file. I also think an encrypted file will not be able to
be compressed (or at least not as much).
If encoded is the same as encrypted then you get the extra protection for *data*
that someone will not be able to open the file with Notepad or a hex editor and
be able to read anything. It should not make any difference in an MDE as far as
non-data is concerned.
From memory I believe there is a slight performance hit with an encrypted file
compared to a "normal" file. I also think an encrypted file will not be able to
be compressed (or at least not as much).
J
Javier Gomez
Thanks Rick !
But I understand that it is a deference between encoded and encrypted.
ENCODED is done by Access (is develop by Microsoft) is is a standard
function.
ENCRYPTED is done by the User with a routine. (No develop by
Microsoft).
I think it is a BIG deference.........
I don't understand which is the deference from:
(TOOLS-->Security-->Encode)
MDB ENCODED-->MDE
or
MDB DECODED-->MDE
If MDE format it is already it seft protected,........Is it any
deference between them or are both de same ????
regards.
But I understand that it is a deference between encoded and encrypted.
ENCODED is done by Access (is develop by Microsoft) is is a standard
function.
ENCRYPTED is done by the User with a routine. (No develop by
Microsoft).
I think it is a BIG deference.........
I don't understand which is the deference from:
(TOOLS-->Security-->Encode)
MDB ENCODED-->MDE
or
MDB DECODED-->MDE
If MDE format it is already it seft protected,........Is it any
deference between them or are both de same ????
regards.
R
Rick Brandt
Javier said:Thanks Rick !
But I understand that it is a deference between encoded and encrypted.
ENCODED is done by Access (is develop by Microsoft) is is a standard
function.
ENCRYPTED is done by the User with a routine. (No develop by
Microsoft).
I think it is a BIG deference.........
No, Access used the term Encrypt/Decrypt up until Access 2003 when they
changed to Encode/Decode. I am sure it is the same thing.
T
TC
I think you are confusing three things.
1. Compilation & MDEs
The VBA source-code in an Access database, is always processed into a
lower-level form, before it is executed. In other languages, this is
called "tokenizing". Access uses the term "compiling".
This lower-level, tokenized, or compiled, form of the source-code, is
not human readable. This is not because microsoft made an effort to
make it unreadable. It's just because the specifications of that
lower-level format, have never been published anywhere.
In an MDE database, the human readable source-code has been completely
deleted, leaving only the lower-level, compiled, or tokenized, form.
This stops anyone reading or changing your source-code, accidentally or
deliberately. That is often the main purpose of using an MDE. But, MDE
format does not in any way protect your *data* from being viewed or
changed by unauthorized people.
2. Encryption & Encoding
Encryption causes the whole content of the whole database file to be
encrypted using the well-known cryptographic cipher, RC4. This stops
anyone viewing the content of the database file, using a text editor.
It also stops anyone trying to *ALTER* the database file using a text
editor.
Encryption does nothing to protect your data from being viewed *using
Access*. Access will instantly decrypt the data, as it reads it back
from disk.
*Normally*, in real life, the purpose of encryption is, to prevent your
data being viewed by unauthorized people. But with Access, the purpose
of encryption is just to stop people messing with the database file
using a text editor.
Rick B. says that Access used the term Encrypt/Decrypt up until Access
2003 when they changed to Encode/Decode. I was unaware of that, but if
he says so, I'd believe him.
3. User-level security
User-level security is the process of using a workgroup information
file (MDW extension) to specify who can use your database, and what
functions they can use in it. This is called, "securing" your database.
A secured database would normally be encrypted as well. Otherwise,
people could look at the secured data by using a text editor.
In fact, all 9 combinations of these three things are possible:
MDE'd? Encrypted? Secured?
1 no no no
2 no no yes
3 no yes no
4 no yes yes
5 yes no no
6 yes no yes
7 yes yes no
8 yes no yes
9 yes yes yes
Note
2,6 - possible, but not sensible, because people could peek at the
secured data by using a text editor.
Does that help?
TC
1. Compilation & MDEs
The VBA source-code in an Access database, is always processed into a
lower-level form, before it is executed. In other languages, this is
called "tokenizing". Access uses the term "compiling".
This lower-level, tokenized, or compiled, form of the source-code, is
not human readable. This is not because microsoft made an effort to
make it unreadable. It's just because the specifications of that
lower-level format, have never been published anywhere.
In an MDE database, the human readable source-code has been completely
deleted, leaving only the lower-level, compiled, or tokenized, form.
This stops anyone reading or changing your source-code, accidentally or
deliberately. That is often the main purpose of using an MDE. But, MDE
format does not in any way protect your *data* from being viewed or
changed by unauthorized people.
2. Encryption & Encoding
Encryption causes the whole content of the whole database file to be
encrypted using the well-known cryptographic cipher, RC4. This stops
anyone viewing the content of the database file, using a text editor.
It also stops anyone trying to *ALTER* the database file using a text
editor.
Encryption does nothing to protect your data from being viewed *using
Access*. Access will instantly decrypt the data, as it reads it back
from disk.
*Normally*, in real life, the purpose of encryption is, to prevent your
data being viewed by unauthorized people. But with Access, the purpose
of encryption is just to stop people messing with the database file
using a text editor.
Rick B. says that Access used the term Encrypt/Decrypt up until Access
2003 when they changed to Encode/Decode. I was unaware of that, but if
he says so, I'd believe him.
3. User-level security
User-level security is the process of using a workgroup information
file (MDW extension) to specify who can use your database, and what
functions they can use in it. This is called, "securing" your database.
A secured database would normally be encrypted as well. Otherwise,
people could look at the secured data by using a text editor.
In fact, all 9 combinations of these three things are possible:
MDE'd? Encrypted? Secured?
1 no no no
2 no no yes
3 no yes no
4 no yes yes
5 yes no no
6 yes no yes
7 yes yes no
8 yes no yes
9 yes yes yes
Note
2,6 - possible, but not sensible, because people could peek at the
secured data by using a text editor.
Does that help?
TC
T
TC
Add 8. to Note 2,6.
TC
TC
J
Javier Gomez
Thanks TC a lot, this is what I need it to know !!
Everything is clear now
regards
Everything is clear now
regards