This question is for anybody who has created & sold/distributed an
application that uses MSDE as its backend database.
I am converting my application which currently uses Access 2000 to MSDE
SP3a.
I already have the install process together, but I an in a quandry as to
what security method to use when installing.
If I use SQL security and set the SA password, am I looking for issues in
the future when a client might possibly purchase another program that uses
MSDE and won't install because I have set the SA password?
If I use Windows authentication, then I am leaving my database open to
anybody with Admin privliges.
I use information within a database table to license my program, so I'd like
to keep it secured.
Can anybody tell me what they do for their applications? Install with SQL
or Windows authentication?
TIA
Jim K.
As for other applications using your instance - the MSDE license only allows
your instance to be used by your application. If another application
installs its database on your instance of MSDE, then not only is it
violating the MSDE licensing but it is rather poor behavior, in my opinion.
Users with Administrative rights will always have total access to your MSDE
installation, whether you use integrated (Windows) authentication or not. If
you are concerned about the security of your data then you should implement
some form of encryption for the any data that you consider important
intellectual property or secure data.
With my application we encrypt any important data and implement in the
database a simple way of protecting the licensing the program. I don't go to
great extremes to prevent unlicensed clients from connecting to the
database - just enought to make it a hassle to try to break any system I
might have put in place.
Jim
"Jim K" <krusej@.megsinet.net> wrote in message
news:%235%23vNcuiEHA.3876@.TK2MSFTNGP12.phx.gbl...
> This question is for anybody who has created & sold/distributed an
> application that uses MSDE as its backend database.
> I am converting my application which currently uses Access 2000 to MSDE
> SP3a.
> I already have the install process together, but I an in a quandry as to
> what security method to use when installing.
> If I use SQL security and set the SA password, am I looking for issues in
> the future when a client might possibly purchase another program that uses
> MSDE and won't install because I have set the SA password?
> If I use Windows authentication, then I am leaving my database open to
> anybody with Admin privliges.
> I use information within a database table to license my program, so I'd
like
> to keep it secured.
> Can anybody tell me what they do for their applications? Install with SQL
> or Windows authentication?
> TIA
> Jim K.
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment