[AccessD] Hiding Back End Design

MartyConnelly martyconnelly at shaw.ca
Tue Jun 22 15:06:44 CDT 2004


Have you looked at  Garry Robinson's  book yet  "Real World Microsoft 
Access Database Protection and Security".
http://vb123.com/map/

A shareware version of a simplified user security add-in - LASsie
(Light Application Security) for MS Access - is available for download
here:
http://www.peterssoftware.com/las.htm

Also, there's the Access Project Security Manager from
databasecreations, Inc.:
http://www.databasecreations.com/prod_apsm.htm


Rocky Smolin - Beach Access Software wrote:

>In fact when I was working with this Chinese distributor in the old DOS days
>(I had implemented a hardware key which plugged into the parallel port) she
>told me that they have a saying in China "Locks are for the honest man."
>
>Rocky
>
>----- Original Message ----- 
>From: <DWUTKA at marlow.com>
>To: <accessd at databaseadvisors.com>
>Sent: Tuesday, June 22, 2004 8:41 AM
>Subject: RE: [AccessD] Hiding Back End Design
>
>
>  
>
>>Couldn't agree more.  When I was in boot camp, one of our drill sargeants
>>told us that the lock on our lockers only kept honest people honest.  Very
>>true statement.
>>
>>I had a talk with our CFO one day (my bosses boss), and told him that our
>>best network security was ignorance.  LOL
>>
>>Drew
>>
>>-----Original Message-----
>>From: accessd-bounces at databaseadvisors.com
>>[mailto:accessd-bounces at databaseadvisors.com]On Behalf Of ACTEBS
>>Sent: Monday, June 21, 2004 9:20 PM
>>To: 'Access Developers discussion and problem solving'
>>Subject: RE: [AccessD] Hiding Back End Design
>>
>>
>>Gustav,
>>
>>"Personally, I think the time for proprietary systems has passed -
>>    
>>
>customers
>  
>
>>need systems they can drag data from to be used elsewhere."
>>
>>Never a truer word said.
>>
>>With the decision by the Munich government to migrate to Linux, France
>>looking to do the same and Brazil on the verge, it seems as though the end
>>is nigh for the proprietary software/business model.
>>
>>Hmmm, sorry I went a bit off topic there..... ; )
>>
>>Rocky - if a cracker wants to crack your software he will. There are teams
>>of these people out there who see it as a challenge. Why waste your time?
>>
>>Vlad
>>
>>-----Original Message-----
>>From: accessd-bounces at databaseadvisors.com
>>[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Gustav Brock
>>Sent: Tuesday, 22 June 2004 4:02 AM
>>To: Access Developers discussion and problem solving
>>Subject: Re: [AccessD] Hiding Back End Design
>>
>>
>>Hi Rocky
>>
>>No, you cannot open or attach tables from the BE without the correct
>>password. But as stated from several already, you can google up at least
>>three password crackers.
>>
>>Next step would be Access security as mentioned by Drew, and the next
>>    
>>
>would
>  
>
>>be to apply field encryption which is a major step.
>>
>>By why not turn it completely around: make the design open and documented
>>    
>>
>as
>  
>
>>"this is the way to build a database for an application like this"? Then
>>    
>>
>you
>  
>
>>are the master and everyone else is the replicant - following the "Rocky"
>>standard. Personally, I think the time for proprietary systems has
>>    
>>
>passed -
>  
>
>>customers need systems they can drag data from to be used elsewhere.
>>
>>Also, I really doubt someone can figure out the intelligence of your app
>>just by watching the table design. One can watch what is going on when
>>    
>>
>data
>  
>
>>have been entered or updated but not _how_, and if someone can figure it
>>out, he will already know how to build a similar app without knowing your
>>table design.
>>
>>/gustav
>>
>>
>>    
>>
>>>If I'm reading the help file correctly, encryption does not hide the
>>>objects, just the data, yes?  I need to hide the design of the back
>>>end. Password protection is too weak.  I'll be up against
>>>professionals.
>>>      
>>>
>>>Rocky
>>>      
>>>
>>>----- Original Message -----
>>>From: "Gustav Brock" <gustav at cactus.dk>
>>>To: "Access Developers discussion and problem solving"
>>><accessd at databaseadvisors.com>
>>>Sent: Monday, June 21, 2004 9:41 AM
>>>Subject: Re: [AccessD] Hiding Back End Design
>>>      
>>>
>>    
>>
>>>>Hi Rocky
>>>>
>>>>You can encrypt the database. Not bulletproof, of course, but keeps
>>>>the average user away.
>>>>
>>>>/gustav
>>>>
>>>>        
>>>>
>>>>>Is there a way to easily hide the back end design?  My distributor in
>>>>>          
>>>>>
>>>Taiwan feels that if the back end design is not hidden then the product
>>>      
>>>
>>can
>>    
>>
>>>be easily knocked off.
>>>      
>>>
>>-- 
>>_______________________________________________
>>AccessD mailing list
>>AccessD at databaseadvisors.com
>>http://databaseadvisors.com/mailman/listinfo/accessd
>>Website: http://www.databaseadvisors.com
>>
>>
>>
>>-- 
>>_______________________________________________
>>AccessD mailing list
>>AccessD at databaseadvisors.com
>>http://databaseadvisors.com/mailman/listinfo/accessd
>>Website: http://www.databaseadvisors.com
>>-- 
>>_______________________________________________
>>AccessD mailing list
>>AccessD at databaseadvisors.com
>>http://databaseadvisors.com/mailman/listinfo/accessd
>>Website: http://www.databaseadvisors.com
>>    
>>
>
>  
>

-- 
Marty Connelly
Victoria, B.C.
Canada






More information about the AccessD mailing list