C
Chris R. Lee
Hi,
I work in a highly regulated industry, where people still do simple but long
and repetitive analytical chemical calculations with pocket calculators,
because of doubts about the validity of Excel spreadsheets. Excel is great
for rapidly setting up calculations, but it was never designed for security.
Sometimes we acquire data from balances or other instruments using supplied
proprietary software with DDE links, or else WinWedge (TAL) communications
software. In this situation you can't protect the worksheet that receives
data, though you can hide it.
You can take a limited amount of risk with security - for example you can
assume that users won't go to extreme lengths to hack your protections. In
my experience the biggest problem is people copying a secure workbook to a
different file, in order to do something slightly different; they tend to
mess up the formulas and the protection always disappears. In practice,
Excel would be OK if laboratory managers could have some indication that the
correct uncloned workbook has been used.
Would a reasonably secure solution be to place some kind of signature in a
hidden part of each worksheet, with an indication on a visible part that the
signature is correct? I'm thinking either of a checksum or a standard
electronic signature system. For reference, one way of making an electronic
signature is to place 2 big prime numbers in the hidden area and give the
result of their multiplication in a visible area.
I'd be grateful if anyone has working knowledge of this kind of protection,
together with references to reputable literature. There's plenty of stuff
about electronic signatures on the web, but when it comes to practical
solutions, you need some specialised knowledge and a traceable source for
the information. Ideally, there should be no more than a few lines of VBA,
because any sort of written code is very hard to validate.
Regards
I work in a highly regulated industry, where people still do simple but long
and repetitive analytical chemical calculations with pocket calculators,
because of doubts about the validity of Excel spreadsheets. Excel is great
for rapidly setting up calculations, but it was never designed for security.
Sometimes we acquire data from balances or other instruments using supplied
proprietary software with DDE links, or else WinWedge (TAL) communications
software. In this situation you can't protect the worksheet that receives
data, though you can hide it.
You can take a limited amount of risk with security - for example you can
assume that users won't go to extreme lengths to hack your protections. In
my experience the biggest problem is people copying a secure workbook to a
different file, in order to do something slightly different; they tend to
mess up the formulas and the protection always disappears. In practice,
Excel would be OK if laboratory managers could have some indication that the
correct uncloned workbook has been used.
Would a reasonably secure solution be to place some kind of signature in a
hidden part of each worksheet, with an indication on a visible part that the
signature is correct? I'm thinking either of a checksum or a standard
electronic signature system. For reference, one way of making an electronic
signature is to place 2 big prime numbers in the hidden area and give the
result of their multiplication in a visible area.
I'd be grateful if anyone has working knowledge of this kind of protection,
together with references to reputable literature. There's plenty of stuff
about electronic signatures on the web, but when it comes to practical
solutions, you need some specialised knowledge and a traceable source for
the information. Ideally, there should be no more than a few lines of VBA,
because any sort of written code is very hard to validate.
Regards