How to prevent importing tables

[Guest]

Hello

We have a small database intended for retail sale. We have converted it to
an mde and have locked it down regarding security and startup options etc.
We have also hidden several of the critical tables and queries. The problem
is, if I open a new database in Access and have set my options correctly, I
can import all of the tables and queries.

To protect our investment, does anyone know how we prevent this type of
importing?

Any help appreciated.

 

[Rick Brandt]

Hello

We have a small database intended for retail sale. We have converted
it to an mde and have locked it down regarding security and startup
options etc. We have also hidden several of the critical tables and
queries. The problem is, if I open a new database in Access and have
set my options correctly, I can import all of the tables and queries.

To protect our investment, does anyone know how we prevent this type
of importing?

Any help appreciated.

You have to deny all permissions to tables and use "Run With Owner's
Permissions" queries instead. Then the tables cannot be imported and if a
user imports a query it is useless without the tables it is based on.

 

[Guest]

Thanks Rick!

You have to deny all permissions to tables and use "Run With Owner's
Permissions" queries instead. Then the tables cannot be imported and if a
user imports a query it is useless without the tables it is based on.

 

[Guest]

Hi, Rick.

if a
user imports a query it is useless without the tables it is based on.

And an experienced SQL writer can easily extract the data from the secured
database into the new database with these RWOP queries. This may not be all
of the data in all of these critical tables, but I'll bet that it's data
which Connie intends to protect.

Connie, if you truly need to secure the data, use a client/server database
to hold the data, not a file-based database, like Access.

HTH.

Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips.

(Please remove ZERO_SPAM from my reply E-mail address, so that a message
will be forwarded to me.)
Beware to those who use munged addresses: known newsgroup E-mail harvesters
for spammers are (e-mail address removed) and (e-mail address removed)

- - -
When you see correct answers to your question posted in Microsoft's Online
Community, please sign in to the Community and mark these posts as "Answers,"
so that all may benefit by filtering on "Answered questions" and quickly
finding the right answers to similar questions. Remember that questions
answered the quickest are often from those who have a history of rewarding
the contributors who have taken the time to answer questions correctly.

 

[Guest]

Hi Gunny
Thanks for the info. The development of the database is complete. It is a
small program with a single function that we have packaged and want to
distribute across the country and beyond. I might be wrong, but I don't
think client/sever is what we are looking for in the above scenario.

It is suprising to me however, that even though we secured it to the max, I
can still import the tables and queries into a new access database. Can't
touch the forms, reports, macros, and modules. We would really love it if we
could find a way to do the same with the tables and queries. If you have any
ideas, I would appreciate it

Thanks
Connie

 

[Chris Mills]

I suspect Client/Server is not really any more secure than Access in this
situation.

The client and/or the program must have suitable passwords and therefore
accessibility to extract the data.

The problem is the client is allowed to see the data, but hopefully only by
"Connie's approved method" (presumably a form), which must also attempt to
remove all Copy-type methods (ctrl-C, datasheet view, etc).

The only way I can see to prevent a client viewing/copying data by other than
the "approved method", is to encrypt the data. Whether even this is secure,
could be arguable. This would be in addition to RWOP, which assists hiding
table design if not data.

"intended for retail sale" is the worst possible environment, because there
are no other "site control" methods available. But it's also unusual to want
to protect data, as against program, for a "retail sale". It is not really
clear what Connie is selling (program or data).

Chris

 

[Chris Mills]

We would really love it if we

could find a way to do the same with the tables and queries

RWOP hides the tables from direct view.

Don't use stored queries. Set the form's Recordsource in VBA code to a SQL
statement. Do not place a SQL statement directly in the Recordsource, since
mde can be largely broken.

Use the inbuilt database encryption to prevent external system dump utilities.

Chris

 

[Guest]

Hi Chris
We are not really as concerned about the data as we are about the table and
query design. Sorry I was not clear in my previous posts. And it's only
when I create a new database and search the packaged software that I can
import the tables and queries. This is what I want to prevent. The forms,
reports, etc are greyed out and we want the tables and queries to be the
same. Any suggestions?

Thanks
Connie

 

[Guest]

Thank you Chris. I will give it a try

Connie

RWOP hides the tables from direct view.

Don't use stored queries. Set the form's Recordsource in VBA code to a SQL
statement. Do not place a SQL statement directly in the Recordsource, since
mde can be largely broken.

Use the inbuilt database encryption to prevent external system dump utilities.

Chris

 

[Chris Mills]

You'd be aware that even with RWOP, the tables are still owned by the owner of
the database. And User-Level Security can be easily broken.

Nevertheless, you can only do what you can do.

The most secure User-Level Security is where you don't distribute a system.mdw
with the owner in it. See Joan Wild's website or ask Joan about this.

Another method available to you is obfuscation, which it sounds you have
partially done. But I'd be inclined to rename a database to other than mdb.

(And name tables and fields "gobbledegook"!)

Chris

 

[Guest]

Hi, Connie.

I might be wrong, but I don't
think client/sever is what we are looking for in the above scenario.

Then you are not looking for a way to prevent people from copying your
critical data.

It is suprising to me however, that even though we secured it to the max, I
can still import the tables and queries into a new access database.

Are you distributing a secure workgroup file as well and joining that
workgroup file to create a new database and import the tables? Remove the
non-Administrative users' (i.e., the customers') permissions to create a new
database. Remove their permissions to create new tables, too. (Well, this
last one works in the database file you created, but since I just now thought
about it so haven't tested it, one probably can't prevent creation of tables
in another database file.) There's still a workaround, but not everyone has
stumbled upon this.

If you are not distributing a secure workgroup file, then you did not secure
it properly if you can import tables into a new database that have all the
permissions removed for members who are not the database owner.

Can't
touch the forms, reports, macros

Yes they can, but not everyone knows how. Tables, queries and macros can be
imported from an MDE database file. Forms and reports can be copied from an
MDE database file.

We would really love it if we
could find a way to do the same with the tables and queries.

Hide it all in the VBA code. The source code was removed from the MDE
database file when it was created, so it's not viewable from the VB Editor.
Don't use stored queries. Use SQL statements and execute them from VBA
procedures. Store the critical data in <cough> multi-dimensional arrays.
And scramble these things throughout the modules, so that someone looking at
the file with a hex editor can't read snippets verbatim. These techniques
are sure to bog down the speed of your application, make the file larger than
necessary, and make the code unmaintainable, but you see the alternatives and
find them unacceptable.

And don't think that encrypting/encoding the database with Access is a good
idea, because anyone who can open the database can use the same utility to
decrypt/decode the file. Use another utility to encrypt the file, but beware
that encrypted data is slow.

HTH.

Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips.

(Please remove ZERO_SPAM from my reply E-mail address, so that a message
will be forwarded to me.)
Beware to those who use munged addresses: known newsgroup E-mail harvesters
for spammers are (e-mail address removed) and (e-mail address removed)

- - -
When you see correct answers to your question posted in Microsoft's Online
Community, please sign in to the Community and mark these posts as "Answers,"
so that all may benefit by filtering on "Answered questions" and quickly
finding the right answers to similar questions. Remember that questions
answered the quickest are often from those who have a history of rewarding
the contributors who have taken the time to answer questions correctly.

 

[Rick Brandt]

Hi, Rick.


And an experienced SQL writer can easily extract the data from the
secured database into the new database with these RWOP queries. This
may not be all of the data in all of these critical tables, but I'll
bet that it's data which Connie intends to protect.

How would that work exactly? Any new SQL you would run would not have
Owner's permissions so you would get nothing from the table at all (right?).
At any rate my response was limited to the question asked "how do you
prevent importing of tables from a secured file?"

I have always said that if you need ot protect data from *users* that it
should not be in an MDB file. To protect it from non-users NT security is
at least as good as the security on a server database product.

 

[Chris Mills]

And don't think that encrypting/encoding the database with Access is a good

idea, because anyone who can open the database can use the same utility to
decrypt/decode the file.

In the first place they have to break ULS with exclusive permissions to do
that. (admittedly not difficult)

In the second place, if they can get into the database to decrypt it, then
they hardly need to mess around with dump utilities which encryption prevents.
So it doesn't matter to decrypt it, in that event, because they can get into
the database by "proper methods" anyway.

In-built Encryption is fundamental as a line of defence against simple
dumping.

Chris

 

[Chris Mills]

Actually, I appear to have stuffed-up in advising Connie to use RWOP queries
(for tables) and not use stored queries (for queries or forms).

It appears necessary to have an RWOP query stored...help!
(seems one or other advice, but they are mutually exclusive?)

Chris

 

['69 Camaro]

Hi, Rick.

How would that work exactly?

I sent you an E-mail discussing it. This shouldn't be discussed publicly in
the newsgroups.

At any rate my response was limited to the question asked "how do you
prevent importing of tables from a secured file?"

Agreed. But there's no reason to close one door and leave another one wide
open and expect security. Though she didn't spell it out, Connie is also
interested in preventing extraction of the data from these "critical" tables
by other means, which is what I was addressing.

I have always said that if you need ot protect data from *users* that it
should not be in an MDB file.

I whole-heartedly agree.

HTH.

Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips.

(Please remove ZERO_SPAM from my reply E-mail address, so that a message
will be forwarded to me.)
Beware to those who use munged addresses: known newsgroup E-mail harvesters
for spammers are (e-mail address removed) and (e-mail address removed)

 

['69 Camaro]

Hi, Chris.

In the first place they have to break ULS with exclusive permissions to do
that. (admittedly not difficult)

In Connie's first post, she explained the following:

"We have also hidden several of the critical tables and queries. The
problem
is, if I open a new database in Access and have set my options correctly, I
can import all of the tables and queries.

"To protect our investment, does anyone know how we prevent this type of
importing?"

I interpret that to mean that Connie's company wants to hide and protect the
critical tables and queries from the people who purchase the database
application who would then copy them and use the data in other applications
without authorization or even sell it themselves. These customers will have
sufficient permission to open the database, so breaking user-level security
isn't an issue. These customers will also be able to use Access to
decrypt/decode the application if Connie's company encrypted/encoded the
file before distribution. It's amazing how many people think that this
built-in encryption will safeguard the data from the people who are allowed
to open the database. I wanted to warn against this common assumption.

HTH.

Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips.

(Please remove ZERO_SPAM from my reply E-mail address, so that a message
will be forwarded to me.)
Beware to those who use munged addresses: known newsgroup E-mail harvesters
for spammers are (e-mail address removed) and (e-mail address removed)

 

['69 Camaro]

Hi, Chris.

I suspect Client/Server is not really any more secure than Access in this
situation.

If set up correctly, a client/server database is considerably more secure in
this situation. However, no database security is completely fool-proof yet.

The client and/or the program must have suitable passwords and therefore
accessibility to extract the data.

An experienced DBA knows how to prevent this extraction.

But it's also unusual to want
to protect data, as against program, for a "retail sale". It is not really
clear what Connie is selling (program or data).

Connie appears to be Canadian, and I don't know if Canadian laws are like
U.S. laws regarding databases, but databases in the U.S. are not
copyrightable. Hiding the data from the customer might be one of the few
options available for safeguarding their investment in the time it took to
collect, clean up, and compile the data into meaningful information useful
for a salable software product.

HTH.

Gunny

See http://www.QBuilt.com for all your database needs.
See http://www.Access.QBuilt.com for Microsoft Access tips.

(Please remove ZERO_SPAM from my reply E-mail address, so that a message
will be forwarded to me.)
Beware to those who use munged addresses: known newsgroup E-mail harvesters
for spammers are (e-mail address removed) and (e-mail address removed)

 

[Chris Mills]

Gunny,

Well, firstly let me say that, so far as I'm concerned, it's great to have a
difference of opinion! Things get learned that way! Also, your statements are,
of themselves, uncannily accurate. I just think they occasionally might not
apply to the issue at hand.

Anyhow:
My post was restricted to the reasons for encrypting, and I stand by that, and
why in-built encryption doesn't even matter if they otherwise have (or obtain)
full access to Access. Encrypting or dump utilities could be slightly
off-topic but is all to do with security and "extraction".

I interpret that to mean that Connie's company wants to hide and protect the
critical tables and queries from the people who purchase the database

Yes. I think we all answered with that in mind. I don't think our ideas were
too broadly dissimilar. Basically it is difficult!

Personally, for my own "retail software", I give the user-site (but not all
the users) full design perms on the tables. Without being irresponsible, I'm
worried about the program being ripped-off and I don't really care if they
change the table design and mess-up their own data! It has also been said "how
many ways can you design a table and what can be secret about that!" (I
reserve judgement)

She has indicated she wants to protect the design more than the data. This is
consistent with my own attempts at retail software, as indicated above.

These customers will have
sufficient permission to open the database, so breaking user-level security
isn't an issue.

No that is wrong. Unless they obtain hacking software or services, ULS will
severely limit what the user can do. Including that "normal users" will not be
able to open a database exclusive, can't make design changes, can't decrypt a
database which this particular post was about. And if they could then by
definition they wouldn't need to, which you didn't seem to understand.

The whole thing relies on (ULS, MDE, etc), which we know can be broken. But if
we go too far down that track, and have too much knowledge, then there isn't
any point in security at all. Yet there is. Connie is probably selling s/w to,
um thinks, Chicken Farmers! Hopefully Chicken Farmers know more about chicken
farming and less about MS-Access security. If she is selling s/w to the
Gunny's of this world, then Heaven Help Her!

These customers will also be able to use Access to
decrypt/decode the application if Connie's company encrypted/encoded the
file before distribution.

Read my post. If they can do that, then they don't even need to decrypt it!
And they can only do that if they break ULS as a pre-requisite, because they
would not normally have exclusive open or anything else beyond running a menu.

They might well break into ULS. In which case, encryption/decryption
(in-built) becomes irrelevant, sure. THEY DONT HAVE TO DECRYPT IF THEY HAVE
THAT!

It's amazing how many people think that this
built-in encryption will safeguard the data from the people who are allowed
to open the database.

I said no such thing. I said it prevents external dump utilities. I said that
if they can get in with sufficient perms to decrypt, then they don't even need
to decrypt they are into it anyway! A properly secured database does not allow
any user such permissions. Password-cracking excepted. (or possibly, no such
user in the distributed mdw)

Thankyou for the reply. I, as I'm sure you, have some interest in the subject.
What we are both doing is trying to give Connie our best advice. In my case
(another post in this thread) I appear to have given conflicting advice.
However, it wasn't about Encryption.

We "retailers" need every means of defence, whatever their limitations. I
thought that was your philosophy as an old US marine too.

Best Regards
Chris

P.S. One of my best security methods is nothing to do with Access, it's
recording my customers. The way I write software, they will surely have to
contact me sooner or later! What's this? Not on my list? My next best method,
is to employ Gunny as a security guard

 

[Chris Mills]

I sent you an E-mail discussing it. This shouldn't be discussed publicly in

the newsgroups.

Personally, I think that's a great idea for some aspects of security. All
security, sooner or later, relies to some degree on a lack of knowledge.

Otherwise, the Russians would have the bomb by now!

 

[Chris Mills]

I suspect Client/Server is not really any more secure than Access in this

If set up correctly, a client/server database is considerably more secure in
this situation. However, no database security is completely fool-proof yet.

If they have perms to read data, then they do. Doesn't matter how secure the
password is (you just gave them one!), nor that the file is usually busy all
day (you just gave it to an outside site!)

I think much-too-much is made of "client-server" security. Depends as much as
anything on the situation, I imagine.

See relevant posts/discussion by (David)

Regardless, Client/Server does not seem to me appropriate to a "small
shrink-wrapped retail app".

Connie appears to be Canadian,

Oh Dear......<GUFFAW!>

I did mean to say, nationality notwithstanding, make sure to write an EULA for
retail software. Hell, it says you mustn't reverse-engineer! (if you don't say
that, then you couldn't sue or threaten to sue). "Programs" are certainly
copyrightable, otherwise none of us would bother paying Microsoft. I'm not
sure if table design is part of the "program". I hope not to find out.

Chris