Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 198
  • Last Modified:

What form of security can one have for mobile applications?

I am bulding an application for the sales department of a company. Salesmen will run this programm on their laptops while they visit the customer or at their home.
The programm uses MS Access for the database needs.

What i need is some sort of basic security for the data the database is currying. Because of the way the application will be run (mobile - database on the same computer) having a user/pass authentication scheme for accessing the db would be obsolete as one could just open the mdb file and fetch all the data (correct me if im wrong).

I tryed to password protect the access db so it would require the correct password when someone tryes to open it, but while the db was password protected i could not access it through visual basic no matter which way i tryed (!).


Has anyone faced a similar need for security? What was your solution?
0
babbos
Asked:
babbos
  • 6
  • 4
1 Solution
 
IeuanJCommented:
The command below is how you connect to an Access DB with password protection (Using ADO), presuming your password is Wally.  Try this as it should work.

conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;" & _
          "Data Source=locationpath\file.mdb" & _
           "Jet OLEDB:Database Password=wally;"
0
 
babbosAuthor Commented:
i tryed this:
dim db as database
set db = OpenDatabase(fname_master, , , "Provider=Microsoft.Jet.OLEDB.4.0;" & _
         "Data Source=" & fname_master & " Jet OLEDB:Database Password=zity")


...where fname_master is a global var that has the full  file path to the db, and zity is the password.
Yet i get an error saying that the password is not correct (run time error '3031': Not a valid password) ... The password is correct ofcourse :/
I use ms access 2002 (office XP) and vb 6.0
0
 
IeuanJCommented:
Hi again Babbos, this works as far as I can tell, I tested it myself on an access database, this uses the more conventional ADO method rather than opendatabase.  The example below shows a quick count of records from a table.

Private Sub Form_Load()
  Dim myConn As ADODB.Connection
  Dim myRS As ADODB.Recordset
  Dim strConn As String

  Set myConn = New ADODB.Connection
  Set myRS = New ADODB.Recordset
  strConn = "Provider=Microsoft.Jet.OLEDB.4.0;" & _
            "Data Source=" & fname_master & ";" & _
            "Jet OLEDB:Database Password=zity"

  myConn.Open strConn
  myRS.Open "select count(*) as COU from testdata", strConn
  MsgBox myRS!COU

  myRS.close
  myConn.close
End Sub


The only other possibility would be an incorrect password (have you checked case etc.) or less likely some sort of file access violation.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
IeuanJCommented:
sorry have noticed a small problem in your code that might actually be what is going wrong.

"Provider=Microsoft.Jet.OLEDB.4.0;" & _
        "Data Source=" & fname_master & " Jet OLEDB:Database Password=zity"

Should be...

"Provider=Microsoft.Jet.OLEDB.4.0;" & _
        "Data Source=" & fname_master & "; Jet OLEDB:Database Password=zity"

Unless fname_master is terminated with a semi-colon already.

The semi-colon is needed to seperate out parameters in the connection string, an error I also made in my first post (sorry), though this should return a diffeent error of could not find database....
0
 
babbosAuthor Commented:
i also noticed the missing semi collon and tryed it with it but the error is still the same :/
Does this work for you?
0
 
IeuanJCommented:
My ADO code works for me.  The method you are using is DAO which I have always found to be very awkward, I think password protection is normally at a level below (such as querydefs) but am not certain.

If it's not too much to change I think you would be best advised useing ADO as it is much moe flexible.
0
 
babbosAuthor Commented:
thanks for the tip, i wish i knew that earlier, now i have to convert all my code to use the ADO model
0
 
IeuanJCommented:
Is it a large conversion ?  If not then it's worth it, if it is large enough to cause you a headache then perhaps some other form of password protection would be a better option, either controlled from within the client or a username & password type tabel in the database itself, as you said it wouldnt protect the file but would stop the client being used by unauthorised peoples although permission could be set on the file so only certain NT accounts could access it.

Sorry I couldnt help more with your original question, the only times I have used DAO is via DSN's to large Oracle databases and the authentication was handled via integrated NT logins through the DSN.  After that we switched to ADO to standardise.
0
 
babbosAuthor Commented:
ADO should be my choise in the first place indeed :/

It wont be a very big headache to convert my code, thanks!!! :)
0
 
IeuanJCommented:
Your welcome.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now