Securing and Administering Access
(Page 1 of 11 )
This chapter addresses the issue of database privacy, integrity, and security. The main purpose for database security is to prevent both inadvertent and intentional damage to the data and the database objects. Proper security measures prevent anyone who might view or edit the information from gaining unauthorized access. They also prevent anyone from making design changes without express permission to do so. You can protect both the data and the design elements with a variety of approaches. This chapter is from
Microsoft Office Access 2003 QuickSteps, by Cronan, Anderson, and Anderson (McGraw-Hill/Osborne, 2004, ISBN: 0072232293).
Establish User-Level Security
In a multi-user environment, security becomes both more essential and more complicated. Not all users need to have access to all the data or all the design elements in the database. One way to create security is to organize users in groups, each of which has specific responsibilities. This information is stored in the Workgroup Information file (WIF).
Understand the User-Level Security Model
The user-level security model is based on the idea of workgroups whose members share the data and privileges. The group and user accounts list the members of the workgroup. A group account is a collection of user accounts. Each member of the group is permitted some degree of freedom in dealing with data and objects. A user account belongs to a single user and includes the user name and personal ID (PID).
The four pieces of a user-level security model are:
- A user is a person who uses the database.
- A group is a set of users, all of whom operate at the same security level and need access to the same parts of the database.
- A permission gives a user or group the right to carry out a specific action. For example, Read Data permission allows opening a table or query for viewing but not for entering new data or editing existing data.
- An object refers to any of the Access tables, queries, forms, reports, macros, or modules—as well as to the database itself.
QUICKSTEPS: Deciding Who Needs What Permisions Depending on what the user needs to do with the database, you can assign her to any of the groups provided by the User-Level Security Wizard. To give a user more permissions than one group has, you can assign that user to more than one group. - Backup Operators can open the database exclusively for backup and compacting but are not permitted to see any of the database objects.
- Full Data Users have full permission to edit data but are not allowed to make any design changes.
- Full Permissions have full permissions on all database objects but are not allowed to assign permissions to others.
- New Data Users can read and insert data but are not allowed to delete or update existing data. They are also not allowed to alter any object designs.
- Project Designers have full permission to edit data and all objects but are not allowed to alter any tables or relationships.
- Read-Only Users can read all the data but are not allowed to change data or any design object.
- Update Data Users can read and update all data but are not allowed to insert or delete data. They are also not allowed to make any design changes.
|
This chapter is from Microsoft Office Access 2003 QuickSteps, by Cronan, Anderson, and Anderson (McGraw-Hill/Osborne, 2004, ISBN: 0072232293). Check it out at your favorite bookstore today.
Buy this book now. |
Next: Secure the Database with the User-Level Security Wizard >>
More Microsoft Access Articles
More By McGraw-Hill/Osborne