secure my access problem, Importing the Database.

[naveen prasad]

hi all
I have created a small project and my project max I can

In all forms design view, allow design view option NO.
mainly at tools->start up- unchecked all below

1.Display database window.
2.Display status bar
3.Allow Full menus
4.Allow default shortcuts.
5.Built in toolbars
6.Tool bar menu/ changes
7. Access special keys.

and finally created an MDE file also.

when my mde file is executed no problem in using the project , and secured
database windows. even we cannot right click the form to see properties also.


My problem is , if suppose a new access file is created and opened, normally
we will have database window to create all tables, queries and forms ,,etc.
in database creation , we can Import all the tables which are in my MDE File,
and same with queries also we can import to here ,

How can I secure my MDE File with this Importing.

It would be great help to me,

thanks in advice....

 

[John W. Vinson]

My problem is , if suppose a new access file is created and opened, normally
we will have database window to create all tables, queries and forms ,,etc.
in database creation , we can Import all the tables which are in my MDE File,
and same with queries also we can import to here ,

If you are attempting to make it impossible for a user to obtain a computer
readable copy of the data in your database, you're doomed to failure. If the
user is allowed to *see* the data on the screen, then they could use a screen
capture utility and optical character recognition to make their own copy, even
if you really lock down the database tight! And if they are not allowed to see
the data in the database... of what use is the database???

Could you explain your security environment? What are the users allowed to do,
and what should they not be allowed to do? What behavior are you trying to
prevent?

 

[naveen prasad]

Dear thank you for your response.

I am trying to prevent users to access my database tables Import from my MDE
FILE.

almost everything looks secured well but this is the only problem i have.

From a new access mdb file they are able to export tables of my MDE file
which I want to secure.

Please help me how can I make it disable to export

 

[John W. Vinson]

Please help me how can I make it disable to export

I know of no way to do so without also making it impossible for the users to
see and use the data through your application.

 

[naveen prasad]

Dear then if its not secured , then Its a failure to me...
any Help?

pls...

 

[John Spencer]

As John has said, if your users are authorized to use the database then there
is not any secure way to keep them from accessing the database via some other
route.

You can do some things to make it more difficult. One is to use User-level
security on the data if you are storing it in Access (Jet) database.
Microsoft has a document on implementing security on their site. I don't have
a reference to the document right now.

Download the document, read it, read it again.
Make a COPY of your data and front-end application
With the copy experiment until you are confident on implementing security

Your users can still get in if they know how to log in using the proper workgroup.

Another possibility is to use SQL server as the location for storing your
data. Control all access to the data by implementing views and procedures to
return the records you want your users to work with. Give users permissions
on the view and procedures, but do not allow them to touch the tables directly.

If your Access (Jet) backend is on a file server. You can do some things with
the file server to slow the users down by using permissions. If your backend
is located at
J:\InfoSysDev\Information\MyDataBase
Grant the users full permissions to MyDatabase
Don't allow them permissions to the Information directory

This should allow them to access the information in MyDatabase, but they will
not be able to navigate to the folder MyDatabase or even see it if they are
using Windows Explorer. They can still get access if they know the path and
enter it by typing the full path.

John Spencer
Access MVP 2002-2005, 2007-2010
The Hilltop Institute
University of Maryland Baltimore County

 

[John W. Vinson]

Dear then if its not secured , then Its a failure to me...

Could you explain the need for security?

Are your employees allowed to use your database?
When they see your database do they see the data that you are trying to
secure?
is it possible for them to write down the data with a pencil on a pad of
paper, or do a screen capture, or take a photograph of the screen?

I do understand that you want to prohibit saving a table as an external file.
But that prohibition does not prohibit your users from getting data out of the
database... does it?

 

[Jugan Tarji]

Hi I have had a similar problem which I believe I have managed to sort in a fairly crude way.

I have the front-end (accde) and back-end encrypted and password protected, then I have created another database with password-protected code to open the accde with-out a prompt for a password - available at

Function OpenPasswordProtectedDB()

'Define as Static so the instance of Access
'doesn't close when the procedure ends.
Static acc As Access.Application
Dim db As DAO.Database
Dim strDbName As String
strDbName = "C:\Databases\Mydatabase.accde"
Set acc = New Access.Application
acc.Visible = True
Set db = acc.DBEngine.OpenDatabase(strDbName, False, False, ";PWD=password")
acc.OpenCurrentDatabase strDbName
db.Close
Set db = Nothing
End Function

http://support.microsoft.com/kb/235422. Now if anyone tries to import the tables access prompts for a password.

If you do choose this way you need to make sure that all your users save the front-end (accde/mde) and extra database in a set place on their respective PCs. I have chosen to create a video "watchme" file to show users they need to save on "C:\Databases"

HTH