需要安全性 - 替换Access? [英] Security required - replace Access?
问题描述
您好。
我正在开发一个当前使用DAO连接到
Access 97数据库的应用程序。该数据库由
专门创建并使用该产品来存储
产品操作期间的搜索结果和统计数据。存储在一个数据库中的搜索次数
变化很大(一个用户可能只做100个,而另一个用户可能做1个/ b
b)。
存储搜索结果后,产品使用包含SUM
函数的SELECT语句提供结果摘要。
对产品的新要求是这些结果被加密
,因为它们无法在产品外部查看
尽管有任何合理的确定尝试这样做。
我首先考虑使用密码和worgroup权限,但是它会显示这种保护是不够的。然后我考虑加密每个有问题的字段,但是这些字段也是我想要执行SUMs的那些字段,所以我再也不能使用它了
并且必须实现我自己的函数来解密每个字段并保持
runnting total。初步调查似乎证实这是非常缓慢的 - 这是否有任何关于如何改善这个性能的建议?解密算法本身的性能是合理的,所以我认为执行总和的算法可能是在
错误(简单的MoveFirst,GetFieldValue,解密,添加到总数) ,
MoveNext) - 如何正常实现SUM?
假设我无法通过加密获得性能,我会有
来看替换Access。我想要免版税的发行版,所以
最初看的是MSDE - 这本身就能提供我需要的安全吗?实施MSDE有任何重大缺点吗?我还应该调查其他RDMBS吗?
您可以给我任何建议。提前致谢,
Duncan
Stav写道:你好。
我正在开发一个当前使用DAO连接到Access 97数据库的应用程序。数据库由产品创建并由产品专用,用于在产品运营期间存储搜索结果和统计数据。存储在一个数据库中的搜索次数差异很大(一个用户可能只做100个,而另一个用户可能做1个百万个)。
一旦存储了搜索结果,该产品使用包含SUM
函数的SELECT语句提供结果摘要。
对产品的新要求是这些结果在这样的情况下被加密
尽管有任何合理确定的尝试,但我们无法在产品的外部查看它们。
我首先考虑使用密码和worgroup权限,但它似乎会出现这个保护不足。然后我考虑加密每个有问题的字段,但是这些字段也是我想要执行SUMs的那些字段,所以我再也不能使用它们了
并且必须实现我自己的功能解密每个字段并保持总计。初步调查似乎证实这一点非常缓慢 - 有没有关于如何改善这种性能的建议?解密算法本身的性能是合理的,所以我认为执行总和的算法可能是错误的(只需MoveFirst,GetFieldValue,解密,添加到total,
MoveNext) - 如何正常实现SUM?
假设我无法通过加密获得性能,我将看看替换Access。我想要免版税的发行版,所以最初看看MSDE - 这本身就能提供我需要的安全性吗?实施MSDE有任何重大缺点吗?还有其他的RDMBS我还应该调查吗?
您可以给我任何建议。提前致谢,
Duncan
你不能使用带有数据库密码的后端数据库吗?
但是,任何安全性都可以很容易地进入任何Access数据库。
我认为SQL Server允许您创建应用程序安全性但是避风港't $ / b
自己用它。
Br @ dley
这就是什么我想我需要这样做,因此我为什么要考虑例如
MSDE。在逐个字段的基础上进行加密感觉就像跳过
箍来获取Access工作对我来说,当替换它是正确的
解决方案。但是,替换后端数据库将是一个相当大的工作,所以我想确保在考虑之前我已经考虑了所有选项
- 然后我我必须考虑选择合适的替代品(不要......)b $ b想要的东西太重了。
干杯。
Br @ dley写道:Stav写道:你好。
我正在研究目前使用DAO的应用程序连接到
Access 97数据库。数据库由产品创建并专门用于
,以便在产品运营期间存储搜索结果和统计数据。存储在一个数据库中的搜索次数差异很大(一个用户可能只做100个,而另一个用户可能做1个百万个)。
一旦存储了搜索结果,该产品使用包含SUM
函数的SELECT语句提供结果摘要。
产品的新要求是这些结果是
加密在这样的尽管有任何合理确定的尝试,但我们无法在
产品的外部查看它们。
我首先考虑使用密码和worgroup权限,但它会显示这个保护不足。然后我
考虑加密每个有问题的字段,但这些字段是
也是我想要执行SUMs的那些,所以我再也不能使用它们了
并且必须实现我自己的功能解密每个字段并保持
的总算量。初步调查似乎证实这是
非常慢 - 有没有关于如何改善这个
表现的建议?解密算法本身的性能是合理的,所以我认为执行总和的算法可能是
故障(简单的MoveFirst,GetFieldValue,解密,添加到总计,
MoveNext) - 如何正常实现SUM?
假设我无法通过加密获得性能,我将
必须考虑替换Access。我想要免版税的发行版,所以
最初看过MSDE - 这本身就能提供我需要的安全
吗?实施MSDE有任何重大缺点吗?我还应该调查其他RDMBS吗?
您可以给我任何建议。在此先感谢,Duncan
你不能使用带有数据库密码的后端数据库吗?
但是,很容易打入任何Access数据库
无论安全性如何。
我认为SQL Server允许您创建应用程序安全性,但是
我自己没有使用它。
Br @ dley
2005年4月19日03:19:46 -0700, du *********** @ gmail.com (Stav)写道:
我看到了几个选项:
*以这样的方式存储搜索数据它不容易人类可读但是对于相同的值它是相同的。
说搜索firstname ='Joe''"
记录为2 ='''Kpf''"
$每当我们搜索Joe时,b $ b。您可以先对这些数据求和,然后稍后解密:
Msgbox Decrypt(DSum(EncryptedField,SomeTable))
(注意:我不建议在需要速度时使用DSum - 这只是
的插图)
*选择总和(Decrypt(EncryptedField))来自SomeTable
在这里,您正在使用SQL来重复召唤您的公众
重复解密模块中的功能。当然这个功能是针对速度优化的
。没有错误处理程序。
*与老板争论这个
数据需要加密。
-Tom。
你好。
我正在开发一个当前使用DAO连接到一个应用程序的应用程序访问97数据库。数据库由产品创建并由产品专用,用于在产品运营期间存储搜索结果和统计数据。存储在一个数据库中的搜索次数差异很大(一个用户可能只做100个,而另一个用户可能做1个百万个)。
一旦存储了搜索结果,该产品使用包含SUM
函数的SELECT语句提供结果摘要。
对产品的新要求是这些结果在这样的情况下被加密
尽管有任何合理确定的尝试,但我们无法在产品的外部查看它们。
我首先考虑使用密码和worgroup权限,但它似乎会出现这个保护不足。然后我考虑加密每个有问题的字段,但是这些字段也是我想要执行SUMs的那些字段,所以我再也不能使用它们了
并且必须实现我自己的功能解密每个字段并保持总计。初步调查似乎证实这一点非常缓慢 - 有没有关于如何改善这种性能的建议?解密算法本身的性能是合理的,所以我认为执行总和的算法可能是错误的(只需MoveFirst,GetFieldValue,解密,添加到total,
MoveNext) - 如何正常实现SUM?
假设我无法通过加密获得性能,我将看看替换Access。我想要免版税的发行版,所以最初看看MSDE - 这本身就能提供我需要的安全性吗?实施MSDE有任何重大缺点吗?还有其他的RDMBS我还应该调查吗?
您可以给我任何建议。提前致谢,
Duncan
Hi there.
I''m working on an application that currently uses DAO to connect to an
Access 97 database. The database is created by and used exclusively by
the product to store search results and statistics during the
product''s operation. The number of searches stored in one database
vary a lot (one user might only do 100 whilst another might do 1
million).
Once the search results have been stored, the product provides a
summary of the results using SELECT statements containing SUM
functions.
A new requirement for the product is that these results be encrypted
in such a way as that they cannot be viewed externally of the product
despite any reasonably determined attempt to do so.
I first considered using passwords and worgroup permissions but it
would appear that this protection is insufficient. I then considered
encrypting each of the fields in question, but these fields are also
the ones I want to carry out SUMs of, so I could no longer use them
and must implement my own function to decrypt each field and keep the
runnting total. Initial investigation seems to confirm this to be very
slow - are there any suggestions on how the performance of this could
be improved? The performance of the decryption algorithm itself is
reasonable, so I think my algorithm for performing the sum might be at
fault (simply MoveFirst, GetFieldValue, decrypt, add to total,
MoveNext) - how would one implement SUM normally?
Assuming I cannot get the performance up using encryption, I will have
to look at replacing Access. I want royalty-free distribution, so
initially looked at MSDE - will this inherently offer the security I
require? Are there any major downsides to implementing MSDE? Are there
other RDMBSs that I should also investigate?
Any advice you can offer me welcome. Thanks in advance,
Duncan
Stav wrote:Hi there.
I''m working on an application that currently uses DAO to connect to an
Access 97 database. The database is created by and used exclusively by
the product to store search results and statistics during the
product''s operation. The number of searches stored in one database
vary a lot (one user might only do 100 whilst another might do 1
million).
Once the search results have been stored, the product provides a
summary of the results using SELECT statements containing SUM
functions.
A new requirement for the product is that these results be encrypted
in such a way as that they cannot be viewed externally of the product
despite any reasonably determined attempt to do so.
I first considered using passwords and worgroup permissions but it
would appear that this protection is insufficient. I then considered
encrypting each of the fields in question, but these fields are also
the ones I want to carry out SUMs of, so I could no longer use them
and must implement my own function to decrypt each field and keep the
runnting total. Initial investigation seems to confirm this to be very
slow - are there any suggestions on how the performance of this could
be improved? The performance of the decryption algorithm itself is
reasonable, so I think my algorithm for performing the sum might be at
fault (simply MoveFirst, GetFieldValue, decrypt, add to total,
MoveNext) - how would one implement SUM normally?
Assuming I cannot get the performance up using encryption, I will have
to look at replacing Access. I want royalty-free distribution, so
initially looked at MSDE - will this inherently offer the security I
require? Are there any major downsides to implementing MSDE? Are there
other RDMBSs that I should also investigate?
Any advice you can offer me welcome. Thanks in advance,
Duncan
Can''t you use a backend database with a database password?
However, it is quite easy to break into any Access database regardless
of any security.
I think SQL Server allows you to create application security but haven''t
used it myself.
Br@dley
That''s what I think I''ll need to do, hence why I''m considering e.g.
MSDE. Encrypting on a field-by-field basis feels like jumping through
hoops to get Access to work for me, when replacing it is the proper
solution. However, replacing the backend DB is going to be quite a big
job so I want to make sure I''ve considered all options before doing so
- and then I have to think about choosing the right replacement (don''t
want something too heavyweight).
Cheers.
Br@dley wrote:Stav wrote:Hi there.
I''m working on an application that currently uses DAO to connect to an Access 97 database. The database is created by and used exclusively by the product to store search results and statistics during the
product''s operation. The number of searches stored in one database
vary a lot (one user might only do 100 whilst another might do 1
million).
Once the search results have been stored, the product provides a
summary of the results using SELECT statements containing SUM
functions.
A new requirement for the product is that these results be encrypted in such a way as that they cannot be viewed externally of the product despite any reasonably determined attempt to do so.
I first considered using passwords and worgroup permissions but it
would appear that this protection is insufficient. I then considered encrypting each of the fields in question, but these fields are also the ones I want to carry out SUMs of, so I could no longer use them
and must implement my own function to decrypt each field and keep the runnting total. Initial investigation seems to confirm this to be very slow - are there any suggestions on how the performance of this could be improved? The performance of the decryption algorithm itself is
reasonable, so I think my algorithm for performing the sum might be at fault (simply MoveFirst, GetFieldValue, decrypt, add to total,
MoveNext) - how would one implement SUM normally?
Assuming I cannot get the performance up using encryption, I will have to look at replacing Access. I want royalty-free distribution, so
initially looked at MSDE - will this inherently offer the security I require? Are there any major downsides to implementing MSDE? Are there other RDMBSs that I should also investigate?
Any advice you can offer me welcome. Thanks in advance,
Duncan
Can''t you use a backend database with a database password?
However, it is quite easy to break into any Access database
regardless of any security.
I think SQL Server allows you to create application security but haven''t used it myself.
Br@dley
On 19 Apr 2005 03:19:46 -0700, du***********@gmail.com (Stav) wrote:
I see a couple of options:
* Store the search data in such a way it is not easily humanly
readable but it is the same for same values.
Say a search for "firstname=''Joe''"
is recorded as "2=''Kpf''"
every time we search for Joe. You can sum over this data first, and
decrypt later:
Msgbox Decrypt(DSum("EncryptedField","SomeTable"))
(Note: I do NOT recommend DSum when speed is required - this is just
for illustration)
* Select sum(Decrypt(EncryptedField)) from SomeTable
Here you''re having SQL do the heavy lifting of calling your public
Decrypt function in a module repeatedly. Of course this function is
optimized for speed. No error handler.
* Go to battle with the boss about the need for encryption on this
data.
-Tom.
Hi there.
I''m working on an application that currently uses DAO to connect to an
Access 97 database. The database is created by and used exclusively by
the product to store search results and statistics during the
product''s operation. The number of searches stored in one database
vary a lot (one user might only do 100 whilst another might do 1
million).
Once the search results have been stored, the product provides a
summary of the results using SELECT statements containing SUM
functions.
A new requirement for the product is that these results be encrypted
in such a way as that they cannot be viewed externally of the product
despite any reasonably determined attempt to do so.
I first considered using passwords and worgroup permissions but it
would appear that this protection is insufficient. I then considered
encrypting each of the fields in question, but these fields are also
the ones I want to carry out SUMs of, so I could no longer use them
and must implement my own function to decrypt each field and keep the
runnting total. Initial investigation seems to confirm this to be very
slow - are there any suggestions on how the performance of this could
be improved? The performance of the decryption algorithm itself is
reasonable, so I think my algorithm for performing the sum might be at
fault (simply MoveFirst, GetFieldValue, decrypt, add to total,
MoveNext) - how would one implement SUM normally?
Assuming I cannot get the performance up using encryption, I will have
to look at replacing Access. I want royalty-free distribution, so
initially looked at MSDE - will this inherently offer the security I
require? Are there any major downsides to implementing MSDE? Are there
other RDMBSs that I should also investigate?
Any advice you can offer me welcome. Thanks in advance,
Duncan
这篇关于需要安全性 - 替换Access?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
