Solved

Protecting my Access database

Posted on 2009-07-04
6
283 Views
Last Modified: 2013-12-13
I have an Access database that I send out to clients as an MDE file.  I have some security built into the code, but my concern is mainly along the lines of someone being able to decompile it and getting into the code/forms (via a third party product) .

I do appreciate that most of my clients wouldn't go down this route, but I feel that I need to know how secure things are.
0
Comment
Question by:Andy Brown
6 Comments
 
LVL 77

Accepted Solution

by:
peter57r earned 300 total points
ID: 24777214
You might want to look at this.

http://www.everythingaccess.com/mdeprotector.htm

One service offered by that site is to reverse engineer an mde to an mdb.
0
 
LVL 57

Assisted Solution

by:Jim Dettman (Microsoft MVP/ EE MVE)
Jim Dettman (Microsoft MVP/ EE MVE) earned 100 total points
ID: 24777254
<<I have an Access database that I send out to clients as an MDE file.  I have some security built into the code, but my concern is mainly along the lines of someone being able to decompile it and getting into the code/forms (via a third party product) .>>
  A MDE is simply a MDB with all the source code stripped out.  For someone to get your source code, they would need to de-compile all the pcode.
 To my knowledge, no one has ever done that to date (created a VBA de-compiler). There are a couple of companies out there that can read the p-code and glean things from it and write *new* code that is equivalent, but they cannot simply take your project and de-compile it effortlessly.  It takes quite of bit of doing to get equivalent source code. So all in all, someone would need to go through a lot of effort to even come close to the source.
 As for the objects, that's a different story.  A MDE does nothing to protect those.  Only user level security does that and it's easily breakable.  Anyone can get you object definitions and properties from a MDB or MDE.
JimD.
0
 
LVL 38

Assisted Solution

by:Jim P.
Jim P. earned 100 total points
ID: 24777276
The other thing to do is put in a trademark or copyright notice with contact info at the top of every module and create and "about" box that gives your contact info as well.

Most scrupulous companies that would do a reverse engineering type thing would hopefully contact you that they had been asked to do it. Or reject the request out of hand.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Closing Comment

by:Andy Brown
ID: 31599777
Thanks guys - that's some really good information.  I think I'll purchase the "source code protector" (as it can only be a good thing).
0
 
LVL 38

Expert Comment

by:Jim P.
ID: 24777337
Glad to be of assistance. May all your days get brighter and brighter.
0
 

Author Comment

by:Andy Brown
ID: 24777342
Thank you - you also.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question