Security on a distributed DB

  • Thread starter Thread starter TC
  • Start date Start date
Dear community,

We've taken a look at Microsoft security FAQ and Jack MacDonald's methods.
It seems the security presented here is for a central database with multiple
users.

In our situation, we're providing a light-weight DB (Access of course) to a
team of sales persons along with a costing application. Both the app and DB
reside on as many laptops as there are sales reps. The app needs to
read/write the DB, but we want to lock out a sales person from messing with
the DB. If an unscrupulous rep was allowed inside the DB, they could make
modifications that could quote a product cheaper than it would be worth for
us to make.

For all practical purposes, our DB is a distributed throw-away; it simply
times out then becomes unusable. A sales person then must acquire a new one
periodically. If someone from the community could give us a pointer on what
to study (or do!) we would really appreciate it. We could use a DB password,
but understand that could be hacked. Thanks!

Steve Wagner
 
Thank-you for the response.

Our application is written using MFC with the CDaoDatabase class interface.

Steve
 
Ok. Then you are really using a Jet database. (Access is just the UI things:
forms, reports etc. The actual data storage (tables, indexes, queries, SQL
etc.) is handled by the underlying default database engine, Jet.)

Certainly you could establish user-level security on your MS Jet database.
That security could ensure that none of your users can edit the data. That
restriction would be enforced by Jet, so there would be nothing your users
could do to the MFC code, or directly in the database, to edit that data -
if that'ds what you wanted. You would have to create an appropriate
Workgroup Information File, work out how to reference that file from MFC,
when you open the database.

So there is really not much different about your needs except that the
front-end UI is in MFC instead of MS Access.

Unfortunately, "Access" security (which you will now realize, is really MS
Jet security) has quite a steep learning curve, with many traps for the
unwary. It might be worth your while o experiement with it in Access, until
you have come to grips with it. Then work out how to access the secured
database (& associated workgroup file) with MFC.

Hope that helps,
TC
 
Back
Top