Share this Page URL

Chapter 19. Implementing Security > Hiding Database Objects - Pg. 666

Implementing Security 666 Securing Database Objects As we mentioned earlier, there are two primary approaches to securing your Access database. User- level security is appropriate for most situations and provides probably the best defense against casual hackers. To protect against those who are more aggressive, user-level security might be insufficient. The second method, called the database-level security, can provide another layer of defense that can be harder to foil. This approach essentially defends your database by securing individual database objects (for example, password-protecting code or hiding individual database objects) or by securing the database as a whole (for example, encoding the database or adding a startup password). Access provides a number of means for securing your database in this way. We'll group these into two categories: obfuscation methods and authentication methods. Obfuscation Methods The idea behind obfuscation is, in a sense, to try to outsmart the hacker by making something obscure or hidden that might otherwise be obvious or plain. Access provides ways to obfuscate your database objects and, in turn, your data. In an important sense, obfuscation methods don't really secure your data, and so you should not depend on obfuscation methods alone. Still, obfuscation can be an important aspect of an overall security approach. In Access, you can hide objects, encode the database, and save your database as a compiled binary file. Let's look at each of these tech- niques in turn. Hiding Database Objects At best, it's a stretch to call hiding database objects a security method. Hiding and unhiding a da-