Security in Access Database

Posted on August 14, 2013 by giampy107

When developing an application for Access may be necessary to protect objects like tables, forms, or reports from unauthorized users. Microsoft Access implements a model of user-level security, so different users have different permissions on objects. The permissions that you can set for a table are different from those of a form or report. The security model of Access allows you to group the criteria for authorization classes of users, thereby creating working groups.
Before it opened a database, if we have the security model enabled, the jet engine prompts the user for his userid and password. The basic elements of the security model of Access are:

  • Users: people who will use the application or processes that are executed on a computer.
  • Groups: classes of users who require the same authorization policy to the same objects. A user can belong to more than one group at the same time, in order to inherit all the criteria for authorization.
  • Permits or authorizations: must be set for each user and group created and used to filter access to database objects.

As for the permissions, you must make a distinction between implicit permissions that are assigned to a group, from those expressed, which are those directly assigned to you.
Security information is stored on two separate files: the System Database or Workgroup Information File and the application itself. In the first file stores information about users and groups, and the second those relating to objects. When you install Microsoft Access Workgroup Information File is created by default: System.mdw. To create a new file should have access to protection from the Tools menu and then create all the users we need inserting them into the administrator group or users or other group created. After we created the users, we have to insert the specific permissions for database objects and to have x as the user can only view, but not modify the data in a given table “y”.
In addition to the manual creation of the security file, you can use an easy wizard, who once started:

  1. backing up application
  2. create a new workgroup information file
  3. figure the application
  4. create a new user in the Administrators group
  5. makes the new ownership of all objects in the database, including the database object itself
  6. assign a password for the Administrator
  7. removes the Admin user from the Administrators group
  8. cancels all permissions to the group of users
  9. creates a link file, which allows the application to use this workgroup information file
  10. create a report in print preview on safety

Obviously there may be some differences according to various versions of Microsoft Access. Protection from the tools menu, then we can modify users, groups and permissions of the workgroup information file that we just created.
To administer security in an Access application so we need to perform these activities:

  1. creating and deleting users
  2. creating and deleting groups
  3. Password Management
  4. maintenance of permits

These activities can be carried out both at the level of programming with VBA, which with the tools of protection enabled in the database. As for the various business applications that normally distribute free as Calus, FattAccess or Vikings, I prefer to build them and then hold the tool protection enabled so that users can manage everything to your liking.

This entry was posted in Database and tagged . Bookmark the permalink.