Access is a microcomputer database management system published by MicroSoft in 1994. As a powerful MIS system development tool, it features user-friendly interface, easy to learn and use, simple development, and flexible interfaces. It is a typical New-generation data management and information system development tool. Compared with other Microsoft database products such as FOXPRO, Access
Access is a microcomputer database management system published by MicroSoft in 1994. As a powerful MIS system development tool, it features user-friendly interface, easy to learn and use, simple development, and flexible interfaces. It is a typical New-generation data management and information system development tool. Compared with other Microsoft database products such as FOXPRO, Access
Access is a microcomputer database management system published by MicroSoft in 1994. As a powerful MIS system development tool, it features user-friendly interface, easy to learn and use, simple development, and flexible interfaces. It is a typical New-generation data management and information system development tool. Compared with other Microsoft database products such as FOXPRO, Access has a unique advantage-it provides more powerful functions such as data organization, user management, and security check. In a working group-level network environment, the multi-user database management system developed using Access has a client Server (Cient/Server) That is incomparable to the traditional XBASE database system) structure and corresponding database security mechanisms. This article discusses the network application and security mechanism of the Access Database System in depth.
Establish an Access Security System
1. Create an Access workgroup
An Access workgroup is defined as a group of users who share one or more Access applications and add public SYSTEM. MDA libraries to their Access copies. The Access System Administrator (Admin user) grants these users the corresponding operation permissions on the database system, so that different users can Access the relevant database resources with different permissions, in the XBASE system, to implement such a function, database developers need to implement control in programming, which is not perfect.
Access provides a new application, MicrosoftAccessWorkgroupAdministrator, which can automatically create Access workgroup. For a working group, the Access SYSTEM administrator needs to use this program to create a new SYSTEM. MDA (or use any other file name :*. and direct the Access of each user in the Working Group to the new SYSTEM. MDA. As you can understand, a system database *. MDA corresponds to a working group.
2. Create an Access account in the workgroup
Access accounts include Access groups and Access users. An Access group consists of one or more Access user Members. During the Access installation process, Access automatically creates two user groups (Admins and Users) and one user (Admin) by default. These two user groups and ADMIN Users cannot be deleted. After logging on to the Access interface as a user (such as Admin) in the Admins user group, you can create a new Access group and user, and place the new user in the corresponding group.
The Admins group is an Access Administrator group. The Administrator group only includes Admin users. Users in this group have full permissions on the database by default and can manage other users and user groups. The Users Group is the default user group for Access. Each user, including the Admin and new Users, belongs to this group. Users in the Users Group have full permissions on the database.
3. Set the logon password of the Admin user
The Admin user's logon password is the security portal of the entire database system. Why? If there is no Admin logon password, all users' Access copies log on to the database as Admin, instead of using the username created by the Access administrator. Only the Admin logon password is set, access to start its security system, which is why the Admin user cannot be deleted.
4. Assign database Permissions
Database permissions are specific to a specific database. After an Access System Administrator (a user in the Admins group) opens a database that needs to be shared by the workgroup, the Access group and Access users in the workgroup can be assigned permissions based on the actual situation. Different Access database objects have different permission sets. There are six types of Access database objects, namely tables, queries, forms, reports, macros, and modules, which must be respectively authorized. The authorization to the Access group applies to each user in the group.
It should be emphasized that all permissions of the Users Group on the database must be blocked first. As mentioned above, all Access Users belong to the Users group, the Users Group has full permissions on database objects by default. Therefore, you must first block all the permissions of the database before you grant specific database permissions. We don't understand why Microsoft wants to grant all database permissions to the Users group. In practice, we think this is an error, it makes no sense to increase the work intensity and difficulty of the Access Administrator (because it is often possible to forget to block the permissions of the Users group so that the entire security system is essentially a virtual thing ). We believe that the Users Group should have the lowest permissions on database objects by default, which is the most effective and secure.
So far, the security mechanism of the entire Access database system has been basically established (see Appendix 2 for workflow details ). However, is such a database system truly secure? Not yet, because the Access security system itself has a large vulnerability. If you do not try to block this vulnerability, in some cases, the security system carefully established by the Access System Administrator will become meaningless. Next, we will discuss the causes of Access security system vulnerabilities and corresponding solutions.
Eliminate Access Security Vulnerabilities
1. Security vulnerabilities caused by Admin users
Why is there a security vulnerability in the Access system? This should start with the Admin user. We know that the Admin user is the default user of the Access system, that is, unless your Access system has been re-linked to a new workgroup security system after installation, you will use the default Admin user to log on to Access. Microsoft sets the user ID used to mark the Admin account as a fixed value, which means that Admin users in Access systems all over the world are the same user. In this way, the problem arises-if a user who has not been linked to your workgroup security system can obtain the Admin permission for your database system file at the Network File System level, he will have all rights to the database system as an Admin user! The second-level security mechanism established by Access itself does not play any role. this is too easy to happen-as long as a working group user re-installs the Access software on his computer, he will easily avoid the protection of your security system, as the default Admin user, record and operate any database system in the Working Group.
2. Solution
How can we solve the security vulnerabilities caused by Admin users? It is difficult to find the answer in the Access reference books on the market. In practice, we have come up with a set of effective solutions for your reference.
The basic idea is to shield Admin users from all database permissions. First, add a new user equivalent to Admin user in the Admins user group, for example? Ww ", then log on to the Access using the new user, withdraw the Admin user from the Admins user group, and shield the Admin user from all permissions on the database. In this way, the Admin user becomes an ordinary user, and the actual Database System Administrator becomes a new user (www), and your database security system plays a role in security protection for all users.
Conclusion
Although the Access system has some security vulnerabilities, it is still an excellent database management system on the microcomputer platform, in the database application field at the workgroup or department level, the database system developed with Access will truly implement the customer/Server database applications that can only be developed with large database management systems such as Oracle. At the same time, the modified Access security system also gives database administrators peace of mind in terms of database network security. Because Access applications in China started late and related technical materials were relatively lacking, this restricts the application of an excellent database product such as Access to a certain extent, we hope that through this article we will be able to give you a better understanding, understanding, and use of Access, so that more database products developed with Access are available on the domestic microcomputer platform.
