Controlling access to Microsoft Access databases
Maintaining the security of Microsoft Access databases created by iBase is largely a matter of applying controls by using the Security menu in iBase Designer. However, outside iBase, you need to consider file-level security settings for the database and security files, user accounts, and group policies.
Application level security
iBase uses a security file (.ids) to secure the iBase database (.idb file) from unwanted access. Only users who are known to the security file are allowed access to the database. For detailed information on setting up iBase application security using iBase Designer, see Security Files, Users and Groups.
Making a database available and secure
A single security file can be used to control access to more than one database file. The security file is normally placed in the same folder as the database files it secures. You should protect both the security and database files at the file system level. Some suggested permissions are given in the following table.
You must also ensure that all iBase users can access the database file from a folder to which they have both create and read/write permissions. iBase creates a temporary locking file in the folder. This locking file can be created and deleted by any iBase user.
The folder in which the database file is stored must be shared. This is required because iBase records the location of the database file in UNC format so that it can be located from any client machine on the network.
Suggested permissions for users
Files and folders | iBase System administrator | iBase users (not administrators) |
---|---|---|
Security file | Full Control | Read & Execute, Write |
Database file | Full Control | Read & Execute, Write |
Folders | Full Control | Modify, Read & Execute, and Write |
All Users folder in the application data area (for example, the Workgroup Templates folder) | Read & Execute Note: Only the Windows
administrator for the local machine has full control.
|
Read & Execute Note: You might want to change
the permissions on the file Settings.xml (by default, any user can change local
machine settings).
Note: Write permission might be required to any mapping application configuration files; for
details, see the iBase GIS Interfaces release notes.
|
User's personal folder in the application data (for example, the Templates folder) | Full Control (the default) | Full Control (the default) |
© Copyright IBM Corporation 1991, 2020.