MSDE Security Vs Access Security

MSDE Security Vs Access Security

Post by Brad W. Youn » Thu, 21 Sep 2000 04:00:00



We just upgraded an application from Access to MSDE.  In Access the
database used user-level security and was encrypted.  This database has
sensitive information that we do not want our competition to get their
hands on.

In access they could not open the database unless they knew a valid
username and password.  However with SQL it appears to me that all
someone would have to do is attach the database file to MSDE or SQL
server installation then view the databases using their administrator
account.  So, now that we have upgraded this to SQL server and MSDE for
local users, how can I protect someone from getting the database files
(mdf & ldf) and attaching them to another SQL database then viewing the
data?  

Or can I restrict all user access to the file, including administrators.

Thank you,

Brad W. Young

 
 
 

MSDE Security Vs Access Security

Post by mary chipma » Fri, 22 Sep 2000 04:00:00


you need to implement SQL Server security on the data. a good place to
start is SQL Books Online to familiarize yourself with the basic
concepts, many of which will be familiar to you. here's some mappings
you may find useful:

--the public role in SQL Server is the same as the Users group in
Access. permissions granted to public are granted to all, and everyone
must be a member of public.

--user-defined roles are the same as user-defined groups.

--the sa user account maps to the sysadmin fixed server role, and is
analogous to membership in the Admins group.

--SQL Server supports integrated security, which is the most robust.
this is something Access developers can only dream of <g>.

--SQL Server supports application roles, in which an application can
supply a password and activate the role. this means you don't have to
create a lot of different groupings if you have one set of permissions
to enforce for all users of the application.

On Wed, 20 Sep 2000 09:24:14 -0700, "Brad W. Young"


>We just upgraded an application from Access to MSDE.  In Access the
>database used user-level security and was encrypted.  This database has
>sensitive information that we do not want our competition to get their
>hands on.

>In access they could not open the database unless they knew a valid
>username and password.  However with SQL it appears to me that all
>someone would have to do is attach the database file to MSDE or SQL
>server installation then view the databases using their administrator
>account.  So, now that we have upgraded this to SQL server and MSDE for
>local users, how can I protect someone from getting the database files
>(mdf & ldf) and attaching them to another SQL database then viewing the
>data?  

>Or can I restrict all user access to the file, including administrators.

>Thank you,

>Brad W. Young


 
 
 

MSDE Security Vs Access Security

Post by John Lombard » Sat, 23 Sep 2000 04:00:00


Hi,

I am trying to decide if I should use MSDE or JET for our company database

application engine. I am going to rewirte it from Access 2.0 and want to

look ahead to the need for SQl as the backend. The documentation says it

for up to 5 users, but I am wondering if it would handle up to 20 users.

I want to start this project writing the code using ADO and not rely on

Linked tables. I have found some problems writing ADO connections to the JET

4.0 provider, where the recordset is not updateable (bummer). What do you

think. I not sure but are the the Mary Chipman who write books on Access

and DB's?

Your help and experience would be invaluable. We eventually want to go to

SQL server, but not now and I want to design as much as possible toward that

end and MSDE would be a slam dunk

Thanks again

John Lombardo


> you need to implement SQL Server security on the data. a good place to
> start is SQL Books Online to familiarize yourself with the basic
> concepts, many of which will be familiar to you. here's some mappings
> you may find useful:

> --the public role in SQL Server is the same as the Users group in
> Access. permissions granted to public are granted to all, and everyone
> must be a member of public.

> --user-defined roles are the same as user-defined groups.

> --the sa user account maps to the sysadmin fixed server role, and is
> analogous to membership in the Admins group.

> --SQL Server supports integrated security, which is the most robust.
> this is something Access developers can only dream of <g>.

> --SQL Server supports application roles, in which an application can
> supply a password and activate the role. this means you don't have to
> create a lot of different groupings if you have one set of permissions
> to enforce for all users of the application.

> On Wed, 20 Sep 2000 09:24:14 -0700, "Brad W. Young"

> >We just upgraded an application from Access to MSDE.  In Access the
> >database used user-level security and was encrypted.  This database has
> >sensitive information that we do not want our competition to get their
> >hands on.

> >In access they could not open the database unless they knew a valid
> >username and password.  However with SQL it appears to me that all
> >someone would have to do is attach the database file to MSDE or SQL
> >server installation then view the databases using their administrator
> >account.  So, now that we have upgraded this to SQL server and MSDE for
> >local users, how can I protect someone from getting the database files
> >(mdf & ldf) and attaching them to another SQL database then viewing the
> >data?

> >Or can I restrict all user access to the file, including administrators.

> >Thank you,

> >Brad W. Young

 
 
 

MSDE Security Vs Access Security

Post by mary chipma » Sun, 24 Sep 2000 04:00:00


i'd stay away from MSDE as a design environment -- the tools you need
to develop a robust SQL Server app simply aren't there. Install the
standard edition on NT so you get the Enterprise Manager, the Query
Analyzer, and the Profiler. MSDE is OK for distributing the finished
product to distributed users, but if you need to support a lot of
concurrent users, you want the full product and for everyone to be
connected on your network. FWIW, ADO recordsets are fully updatable
against the jet provider as long as you set the cursortype and
locktype properties appropriately.



>Hi,

>I am trying to decide if I should use MSDE or JET for our company database

>application engine. I am going to rewirte it from Access 2.0 and want to

>look ahead to the need for SQl as the backend. The documentation says it

>for up to 5 users, but I am wondering if it would handle up to 20 users.

>I want to start this project writing the code using ADO and not rely on

>Linked tables. I have found some problems writing ADO connections to the JET

>4.0 provider, where the recordset is not updateable (bummer). What do you

>think. I not sure but are the the Mary Chipman who write books on Access

>and DB's?

>Your help and experience would be invaluable. We eventually want to go to

>SQL server, but not now and I want to design as much as possible toward that

>end and MSDE would be a slam dunk

>Thanks again

>John Lombardo



>> you need to implement SQL Server security on the data. a good place to
>> start is SQL Books Online to familiarize yourself with the basic
>> concepts, many of which will be familiar to you. here's some mappings
>> you may find useful:

>> --the public role in SQL Server is the same as the Users group in
>> Access. permissions granted to public are granted to all, and everyone
>> must be a member of public.

>> --user-defined roles are the same as user-defined groups.

>> --the sa user account maps to the sysadmin fixed server role, and is
>> analogous to membership in the Admins group.

>> --SQL Server supports integrated security, which is the most robust.
>> this is something Access developers can only dream of <g>.

>> --SQL Server supports application roles, in which an application can
>> supply a password and activate the role. this means you don't have to
>> create a lot of different groupings if you have one set of permissions
>> to enforce for all users of the application.

>> On Wed, 20 Sep 2000 09:24:14 -0700, "Brad W. Young"

>> >We just upgraded an application from Access to MSDE.  In Access the
>> >database used user-level security and was encrypted.  This database has
>> >sensitive information that we do not want our competition to get their
>> >hands on.

>> >In access they could not open the database unless they knew a valid
>> >username and password.  However with SQL it appears to me that all
>> >someone would have to do is attach the database file to MSDE or SQL
>> >server installation then view the databases using their administrator
>> >account.  So, now that we have upgraded this to SQL server and MSDE for
>> >local users, how can I protect someone from getting the database files
>> >(mdf & ldf) and attaching them to another SQL database then viewing the
>> >data?

>> >Or can I restrict all user access to the file, including administrators.

>> >Thank you,

>> >Brad W. Young

 
 
 

1. Access 2000 Security VS. Access XP Security

I created a Visual Basic application that uses "Microsoft
ADO Ext. 2.5 for DDL and Security" to create and delete
Access security accounts.  My VB application works fine.  
I can open my Access 2000 database using a security
account created in the VB app.

However, when I install the application on a PC using
Windows XP and Access XP, I'm not able to open the
database with an account created in the VB app.  The
message I'm getting says "not a valid account name or
password".  Any ideas out there?

2. FS: FileMaker Pro 3.0

3. How to integrate Access application security with a SQL Server security

4. DALLAS-FORT WORTH COMPUTER JOBS

5. MS Access Security for an MSDE db

6. DTS Custom Task and VB.NET

7. security vs. access to a remote server

8. Informix replication (7.13.UC3) questions and problems

9. DB Security in Access vs. VB

10. web security vs fm access priveledges

11. SQL 7.0 vs Access 2000:file size and security control

12. Database Security and VB Front End Security

13. Application Security and NT Security Integration Questions