Traditional ways of protection of a database.
Image via Wikipedia
Protection of database Microsoft Access
Microsoft Access provides two traditional ways of protection of a database: installation of the password demanded at opening a database and protection at level of users which allows to limit, to what part of a database the user will have access or what its part it can change. Besides, it is possible to remove changeable program Visual Basic from a database to prevent changes of structure of forms, reports and modules, having kept a database as file MDE.
Password installation
The elementary way of protection is installation of the password for database opening. After the password is established, at each opening of a database there will be a dialogue window into which it is required to enter the password. Only those users who will enter the correct password, can open a database. This way is reliable enough, but it is applied only at database opening. After database opening all objects become accessible to the user. For a database which is in common used by small group of users or on the independent computer, password installation usually appears sufficient.
Protection at level of users
The most flexible and widespread way of protection of a database is called as protection at level of users. This way of protection is similar to the ways used in the majority of network systems. From users it is required to identify itself and to enter the password when they start Microsoft Access.
By means of protection frames it is possible to specify, what operations on processing of objects of a database are authorised to be carried out to the user or group of users. About each user or group accounting records with instructions of access rights to those or other objects are conducted.
Working groups. As the worker is called the group of the users working with one database and having the general file of working group. The file of working group is a system file with the information on group of the users working from a DB of collective access. Accounting records, passwords, and also data are stored in files of working groups about access rights to objects of a DB.
Change standard or creation of a new file of working group is carried out by the program the Manager of the working groups, being in folder System of folder Windows.
Access restriction. After installation Access the user receives access right to all objects of a DB (becomes a member of group Admins with name Admin). Members groups Admins (managers) have the right to DB updating.
To eliminate a direct access in system of all members of group Admins it is necessary to establish the password for each manager in registration record Admin. Otherwise at each start Access the manager will be registered as user Admin – without password instructions.
Accounting records. After creation of working group it is possible to start entering of registration (registration) records. Accounting record Admin, and also accounting records of groups Admins (Managers) is by default created, Users (Users) and are given access rights to all objects.
The accounting record of the manager is included in working group Admins. The manager has the right of access to all objects created in this group. Except the manager the owner of a database can be specified. In system of maintenance of safety Access owners of objects have the special status. By default the user who has created object, becomes the owner of this object and has the rights to work with it.
Managers and owners are allocated by the special rights:
- The manager of a DB can always receive access right to all objects created by members of the given worker of group;
- The owner of a DB can always open a database;
- The owner of object is allocated by full access rights to this object.
Change of the rights of possession. User Admin is the owner of any database and all objects. As for it the password for protection of a DB against not authorised access it is necessary to change the right of possession of base and its objects is not established.
There are some ways of change of the owner of objects of a database:
- Importation of all objects of a DB in a new file;
- Use вкладки change of the owner of a dialogue window of the Permission.
Assignment and removal of access rights. The manager of a DB gives to all or some members of working group of access right to various objects of a database. Access rights are stored in a file of a database and characterise its objects.
It is possible to start differentiation of access rights of users and groups after creation of working group, definition of the manager and the owner of a database, and also creation of accounting records of users and groups. The user inherits the rights of that group to which belongs.
All access rights to object remain at its change only in the event that the buffer of an exchange was not applied or object import/export was not executed. However, all access rights connected with object can be lost at object preservation under a new name by means of a command to Keep как|Экспорт
Database enciphering
Enciphering is a protection of a DB against not authorised access by means of the text editor or means of work with files, for example, a part Windows or Norton Utilities. The information in the ciphered database is inaccessible to reading. Enciphering slows down work Access a little: time is spent for enciphering and decoding of files.
Members of group Admins can make enciphering and database decoding only.
In this article we have disassembled traditional ways of protection of a database.
Image via Wikipedia
Leave Your Response