Client/Server Security

From: Ray Dowling <rdowling_at_b022.aone.net.au>
Date: 1996/10/31
Message-ID: <32778D86.3776_at_b022.aone.net.au>#1/1

I am implementing Developer 2000 running against HP-UX Oracle 7 database. I am interested how security to data base can be handled. We currently have Forms3.0 running on HP-UX (using operating system security OPS$.

Problem is:-

To allow a user to access only that data available to him, each user is given a username and password. Each user has been granted certain roles to perform his work.

The Developer Form ensures data integrity (validation) within the data base.

Some users will have access to HP-UX to perform other functionality and hence access to SQLPLUS. They may then CONNECT as the granted user and perform the data base functions allowed (by the roles).

OR any ODBC front-end software (eg Excel, Access) will allow updates to the data base (thereby bypassing the Developer Form validation) using the username and roles provided.

How has this been solved elsewhere???

-- 
*************************************************************************

Ray Dowling                          
Port of Brisbane Corporation            Phone:  61 7 32584739
369 Ann St.                               Fax:  61 7 32584703
Brisbane  Q'ld.  4000  Australia     Internet:  rgd_at_acslink.aone.net.au
                                               
rdowling_at_b022.aone.net.au
P.O. Box 1818
GPO Brisbane 4001.
**************************************************************************

Received on Thu Oct 31 1996 - 00:00:00 CET

This message: [ Message body ]
Next message: Jim Smith: "Re: Client/Server Security"
Previous message: Frank Yacano: "Re: Help on ODBC connection"
Next in thread: Jim Smith: "Re: Client/Server Security"
Reply: Jim Smith: "Re: Client/Server Security"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message