ASE Security Related Question

Hi All,

Security type question:

This is our environment:
- Delphi application connecting to an ASE 11.5  on NT 4.0 (using the BDE)
- MS-Access connecting to the same ASE 11.5 server using ODBC (Intersolv
3.0)

The problem:
The users do their updates to the db through the Delphi app.  The MS-Access
app. is supposed to be used for querying only.  We want to restrict update
access to the db to have to go through the Delphi app.   Currently have a
couple of distinct Sybase groups set up - 1 for inquiry which has select
access, 1 for update which has all privileges.  Problem is some users in
the update group run queries from MS-Access which also gives them update
access.  Could user-defined roles be used to help us out?  Is there a way
to set a user-defined role within the Delphi app.?  We don't have control
of the MS-Access app. (user supported).  The thinking was to give all users
select access, then if they're coming in from the Delphi app. to set a role
to allow them to update.   One of the constraints we have is that users may
have both applications open (connected) at the same time.  Is there a
method other than Sybase user-defined roles that would accommodate this
situation?

Any thoughts, comments, muchly appreciated.

TIA,
Liz.
0
Liz
4/29/1999 9:15:15 PM
sybase.sqlserver.admin 2338 articles. 0 followers. Follow

2 Replies
451 Views

Similar Articles

[PageSpeed] 56

Hi Liz,
another way is to set up two logins for all users which should use Delphi and
Access. One login is for the Access connections and one for the Delphi
connections. Both logins have the same password. Every Delphi login ends with a
postfix "_D".  For example  you setup one login BEECHEY with select rights and
one login BEECHEY_D with all rights. Then you implement a special login method
for your Delphi programm which added the postfix "_D" to every login name you
type in and open the connection with this concatenated name. So the users only
need to know there normal login name but they work with different connections
on the database!

Bye
       Wolfgang Kunk, RTL Television

Liz Beechey wrote:

> Hi All,
>
> Security type question:
>
> This is our environment:
> - Delphi application connecting to an ASE 11.5  on NT 4.0 (using the BDE)
> - MS-Access connecting to the same ASE 11.5 server using ODBC (Intersolv
> 3.0)
>
> The problem:
> The users do their updates to the db through the Delphi app.  The MS-Access
> app. is supposed to be used for querying only.  We want to restrict update
> access to the db to have to go through the Delphi app.   Currently have a
> couple of distinct Sybase groups set up - 1 for inquiry which has select
> access, 1 for update which has all privileges.  Problem is some users in
> the update group run queries from MS-Access which also gives them update
> access.  Could user-defined roles be used to help us out?  Is there a way
> to set a user-defined role within the Delphi app.?  We don't have control
> of the MS-Access app. (user supported).  The thinking was to give all users
> select access, then if they're coming in from the Delphi app. to set a role
> to allow them to update.   One of the constraints we have is that users may
> have both applications open (connected) at the same time.  Is there a
> method other than Sybase user-defined roles that would accommodate this
> situation?
>
> Any thoughts, comments, muchly appreciated.
>
> TIA,
> Liz.



0
Wolfgang
4/30/1999 1:54:32 PM
Hi Wolfgang,

Thanks very much for your reply.

We had considered doing something similar to that. 

 We don't really want to proceed this way if possible because this means
having two userids per user and either synchronizing passwords or having
the security risk of never changing them.  

Have you used the new ASE 11.5 role functions?  Would this work?

Thanks again,

Liz.

Wolfgang Kunk <wolfgang.kunk@rtl.de> wrote in article
<3729B617.97424EBD@rtl.de>...
> Hi Liz,
> another way is to set up two logins for all users which should use Delphi
and
> Access. One login is for the Access connections and one for the Delphi
> connections. Both logins have the same password. Every Delphi login ends
with a
> postfix "_D".  For example  you setup one login BEECHEY with select
rights and
> one login BEECHEY_D with all rights. Then you implement a special login
method
> for your Delphi programm which added the postfix "_D" to every login name
you
> type in and open the connection with this concatenated name. So the users
only
> need to know there normal login name but they work with different
connections
> on the database!
> 
> Bye
>        Wolfgang Kunk, RTL Television
> 
> Liz Beechey wrote:
> 
> > Hi All,
> >
> > Security type question:
> >
> > This is our environment:
> > - Delphi application connecting to an ASE 11.5  on NT 4.0 (using the
BDE)
> > - MS-Access connecting to the same ASE 11.5 server using ODBC
(Intersolv
> > 3.0)
> >
> > The problem:
> > The users do their updates to the db through the Delphi app.  The
MS-Access
> > app. is supposed to be used for querying only.  We want to restrict
update
> > access to the db to have to go through the Delphi app.   Currently have
a
> > couple of distinct Sybase groups set up - 1 for inquiry which has
select
> > access, 1 for update which has all privileges.  Problem is some users
in
> > the update group run queries from MS-Access which also gives them
update
> > access.  Could user-defined roles be used to help us out?  Is there a
way
> > to set a user-defined role within the Delphi app.?  We don't have
control
> > of the MS-Access app. (user supported).  The thinking was to give all
users
> > select access, then if they're coming in from the Delphi app. to set a
role
> > to allow them to update.   One of the constraints we have is that users
may
> > have both applications open (connected) at the same time.  Is there a
> > method other than Sybase user-defined roles that would accommodate this
> > situation?
> >
> > Any thoughts, comments, muchly appreciated.
> >
> > TIA,
> > Liz.
> 
> 
> 
> 
0
Liz
4/30/1999 6:10:34 PM
Reply:

Similar Artilces:

Couple of security related questions
I'm currently working on an extranet for a customer that is only going to provide an IP address to their users and the site will never have a domain assigned.  The site is 'very' sensitive and my customer does not want any information presented to the user until they sign-in.  This includes 'logo', 'header', and 'footer' information.  Since the logo, header, and footer are not modules, I was wondering if there was anyway to notify DNN not to display 'anything' until the user is signed in to the portal.  I basically want to display the login module and nothing el...

Basic Security Related Question
Hello, I have built my web Application in ASP.NET and VB.NET.The application needs to be extremely SECURE. But I am finding SECURE as a very vague term. I have logins for different levels of Privilage. I have handled it with a databased access control (i.e. when a login button is clicked ,a stored procedure returns the Privilage level and the menus to be loaded ). This Privilage level is stored in a session and is used in all further postbacks. My Database connections are stored in my web.config file. I have SS# stored in database which is displayed only to the heighst privilage use...

non-security related question
Hi Folks I know that this question shouldn't be here but I don't know of any other. I am thinking about buying a laser printer but I see that many have various options but there is one that I don't understand, 600 x 600 dpi I understand but what is 2440 x 600 dpi why is one greater than the other? please explain and many thanks advance Lee Lee <leemorris33@hotmail.com> wrote: > Hi Folks > I know that this question shouldn't be here but I don't know of any > other. I am thinking about buying a laser printer but I see that many > have various opt...

Newbie
I'm starting with a clean site (i.e., no tutorial installed) and I can't seem to find out how to log on to Security Administration to define users, roles, and projects for my site. Is there a default login/password I should be using? Thanks, Rich The default user id and password is powersite powersite. Dan van Leeuwen PowerSite Technical Support Group On Thu, 29 Jan 1998 13:50:59 -0700, Richard Youngkin <youngkin@sybase.com> wrote: >I'm starting with a clean site (i.e., no tutorial installed) and I can't >seem to find out how to log on to Se...

Security question related to authorization in web.config:
1/When we do:<allow roles="Managers, Executives" /><deny users="?" />Does it mean that other users who re authenticated and don t belong to neither Managers nor Executives roles. So they re not anonymous. Can they access the application or are not they allowed to according to the settings above.2/how about when we do:  <allow users=”myuser”/><deny users=”*”/>What does this second meanthank youThanks a lot, I appreciate your taking the time to help me. See the following link from a Google search of web.config allow den...

Need suggestion.Security related general question
Hi,   I have project that is using email to bring users back to the login page. The system auto generates email with a LINK to bring user to login page. Now my question is, how to make it secure.   What are your suggestions about making link secure so no one can guess. Suggestions will be helpful. May be I need to use username in the link or etc. I was thinking Guid with username attached in email?  Application is in ASP.NET 2.0 with SQL Server 2000  Thanks Hi,   Not sure what you mean.  You have an Email going out to users.  That Email has a link t...

Localization and Windows Integrated IIS security related question
For quite some time we were using IIS Integrated Windows security to authenticate users in our ASP.NET application. Only recently we discovered that it has an unexpected behavior when domain user name contains some international (accented) characters. Authentication completes successfully but the LOGON_NAME server variable in request is stripped from all accented symbols. I tried to search posts in this and some other forums to find out if somebody reported similar problem but didn't seem to find anything related to this problem. Have anybody seen an...

Help please
Hi GS'ers Am about to re-format and re-install 98SE (system is crawling along slowly at every turn, even with defrags - I think I have alot of turds sitting around from things I've ripped out and don't know how to get rid of or what to get rid of ) but ... I've also just finished downloading all the security patches lately. I {really} don't wish to spend another hour dl'g them all again after the new install. Question: Is there a way to extract/copy what I've already downloaded (I dl'd from the microsoft updates site) to a safe folder on my other drive...

Question about triggers and calling back into your code (Security Related)
Can it be done?  *grin* We have an ASP.Net v1.1 application that is running several processes.  Each process has it's own DB, as well as sharing a security DB.  One of the processes, which I'll call "main process" controls the actual logging in and out, and we're trying to find a way to make the other processes aware of this.  Unfortunately, the powers that be have decided that simply storing the session data in the DB is out of the question.  Instead, they're creating this strategy where they're running a webservice on the server, ...

Some Security/Authentication related Questions for EXAMS Point of View
Hi Friends I need answers for following questions with explaination for each correct answer. These are MCAD exam related questions. Any kind of help will be highly appriciated Q: 1. You create a reporting application for Margie's Travel. You create several reports, each of which resides in its own folder under the Reports folder. Each subfolder has the appropriate security rights sets for Microsoft Windows users. You write a function named ListReports that generates a list of available reports. You want to configure the application and the ListReports function to find out which repo...

ASE, Integrated Login Security & Named Pipes question
Hello all, Sorry if this gets posted twice to this group, having troubles with the web interface today. I've been tasked with investigating using Integrated Login Security (ILS) and ASE (i.e. passing the Windows security credentials to log into ASE instead of having a Sybase ASE username/pwd). I found this Sybase whitepaper/article which has given me a great big picture overview of the process: http://www.sybase.com/detail?id=1011503 It appears that you must use Named Pipes as the protocol instead of the 'typical' TCP/IP. My question: Is this just a matter of sw...

Question on ODBC driver versions relating to respective ASE releases
I have written a VB6 app for my customers, using the ASE driver 4.20.00.67 (as reported within ODBC data sources), and i appear to be having issues connecting to systems running ASE 12.0.0.4. being new to sybase in general, i think i have a driver mismatch, to explain - Basically, when my program runs, it fires off queries, 1 at a time, but each query when run is somehow creating an "empty messagebox" onscreen which is not being created directly from my program - consisting of an OK button, an exclamation mark, no text in the message body or box title, and the red cross i...

Question on ODBC driver versions relating to respective ASE releases
1st posts here, so if in wrong place, please 'redirect me'. I have written a VB6 app for my customers, using the ASE driver 4.20.00.67 (as reported within ODBC data sources), and i appear to be having issues connecting to systems running ASE 12.0.0.4. Basically, when my program runs, it fires off queries, 1 at a time, but each query when run is somehow creating an "empty messagebox" onscreen which is not being created directly from my program - consisting of an OK button, an exclamation mark, no text in the message body or box title, and the red cross in the top...

security question ASP - SQL
I have a question about ASP - SQL - integrated security.I set up an ASP .NET application which is running on a server (serverA).  My SQL database is running on a separate server (serverB).I implemented integrated security when I'm connecting to the database (connectionstring="Provider = SQLOLEDB;Data Source =EREQ0003\EREQ0003 ;Initial Catalog = MinitBackups;Integrated Security=SSPI;Trusted_Connection = True")What I see is that the user logid in on the server is used to connect with my database.  But this is not the way I want to work.  I want that the user, loged in on the PC ...

Web resources about - ASE Security Related Question - sybase.sqlserver.admin

Krebs on Security
The House Financial Services Committee is slated to hold a hearing this Friday on the impact of cyber heists against small- to mid-sized businesses. ...

Security Middle East - Latest news from the Middle East.
Security Middle East is a news portal for the entire security industry, focussed specifically on latest security news from the Middle East. Security ...

Information Security News, IT Security News & Expert Insights: SecurityWeek.Com
IT Security News and Information Security News, Cyber Security, Network Security, Enterprise Security Threats, Cybercrime News and more. Information ...

Security (finance) - Wikipedia, the free encyclopedia
equity securities, e.g., common stocks ; and, The company or other entity issuing the security is called the issuer . A country's regulatory ...

South Korea toughens aviation security law after Korean Airlines heiress Cho Hyun-ah’s ‘nut rage’ tantrum ...
SOUTH Korea has toughened its aviation security law in the aftermath of the notorious “nut rage” incident involving a top airline executive. ...

Apple releases OS X 10.11.3 with fixes for bugs and security
... and the more detailed release notes aren't available on Apple's support site as of this writing (it will post here when it's ready). The security ...

Many UK SMEs aren't paying attention to physical security
... breach can occur, with via internet being just one of them. However, companies don’t really pay that much attention to their physical security, ...

Not Satisfied: First Time Ever, Majority in U.S. Now Dissatisfied With Security From Terrorism
Here's a Gallup Poll headline that plays straight into Donald Trump's hands: Majority in U.S. Now Dissatisfied With Security From Terrorism . ...

Kidnapping of Americans in Iraq raises fears about security
Witnesses said men in uniform carried out the kidnapping in broad daylight, 100 yards from a police station in Baghdad

UK security agency MI5 tops LGBT rankings
Britain’s security service has been named the most lesbian, gay, bi and trans (LBGT)-friendly employer in the country, according to a charity. ...

Resources last updated: 1/20/2016 1:56:47 PM