Organization of protection given in DBMS MS Access

The Essential function any developed DBMS is a provision of protection given from unauthorized access. Obviously that full-fledged with standpoint of reliability and stability mode protection can be provided only within the framework of industrial managerial system at condition of the complex realization of the measures programme, hardware and administrative nature. Before the present paragraph is put(deliver)ed more modest problem - on example MS Access to describe on principle level that approaches, which are used in DBMS For provision of programme protection data.

MS Access provides two traditional ways of protection database:

• installing the password, required at opening database
• protection at a rate of determinations of the rights of the users, which allows to limit possibility of the reception or change to one or another information in database for concrete user

Besides, possible delete the changeable program Visual Basic from database to prevent change the structure of the forms, reports and modules, having saved database as file MDE.

Installing the password on opening database presents itself simplest way of protection. After password is installed (the function menu Service > Protection > Assign the password a database), under each opening database will appear the dialogue window, in which is required enter the password. Open the database and gain access to her(its) resource can get only that users, which will enter the correct password. This way it is enough reliable (MS Access encodes the password so to him no direct access when reading the file database). However check is conducted at opening database only whereupon all her(its) objects become completely available. As a result, installing the password usually turns out to be the sufficient protective action for database, which are together used by small group of the users or are installed on autonomous computer.

Much more reliable and flexible way to organizations of protection is protection at a rate of users. He is befitted way, used in majority of the network systems. The Process of the task of protection at a rate of users consists of two principle stages:

• making the system of the users, united in groups (Service > Protection > Users and groups)
• task of the rights of the access of the different users and groups to object database (Service > Protection > Permits)

Information on system of the users is saved in special file, named a file of the working group. By default this file System.mdw. However by means of special program, falling into supply Access, different database possible to associate with different file of the working group. When start Access from users is required identify itself and enter the password. The Separate users can unite in groups moreover the same user can be a member of the different groups. Such organization of the system of the users allows very flexible manipulate the set of their rights of the access, coming from functional specifics of the application domain. In file of the working group Access by default two groups: managers (the group Admins) and group Users, in which are included all users. Determination of the other groups is Allowed also. The Process of the making the system of the users and determinations their accesories to group is shown on drawing.

Both group, and user are given permits on access, defining possible for them actions to each object database. The Set of the possible rights, obviously, is defined by specifics of the object. So, to example, list gradation permits on work with screen form is shown on drawing.

By default members of the group Admins have all permits on access to all object database. Since group Users unites all users that she makes sense assign certain minimum set of the rights. Hereinafter, there is possibility to install the more furcating structure of control, creating own account writing the groups, giving this group corresponding to permits and adding users in them. The Process of the task of the rights of the access of the users on work with the forms database TradeTest is shown on drawing.

Finishing talk about system of protection, once again подчеркнем that her(its) efficient realization possible only on base of the detailed study of the functional structure of the automatic object and careful designing managerial system data.

The author: Y.N.Antonov Is added: 23.06.2008