Professional Documents
Culture Documents
Name-Sardar Ashraf
Students ID-W0832352
Section-B
Lab 7
ISBN Title Author Author Birth Year Publisher Published Year Genre
123456 "Book Title 1" "Author 1" 1980 "Publisher 1" 2010 Fiction
789012 "Book Title 2" "Author 2" 1995 "Publisher 2" 2015 Non-Fiction
First Normal Form (1NF):
In 1NF, we want to make sure that there are no repeating groups or arrays within the table. We
can achieve this by creating separate tables for authors and publishers.
Table Author:
Publisher
"Publisher 1"
"Publisher 2"
Table Books (After 1NF):
Publisher
"Publisher 1"
"Publisher 2"
Trusted Locations:
Access allows you to specify trusted locations for databases. Only databases located in
trusted locations are allowed to run code, reducing the risk of executing malicious code from
untrusted sources.
Digital Signatures:
Access supports digital signatures for database objects. This allows you to sign your VBA
(Visual Basic for Applications) code and macros, providing a way to verify the integrity and
authenticity of the code.
Audit Trails:
Access provides a basic form of auditing through the use of action queries and logging
changes to a separate table. While not as robust as some dedicated database management
systems, it allows you to track changes to data.
How can you implement user-level security in Access databases?
Sol: Implementing user-level security in Microsoft Access involves creating user accounts,
defining user groups, and assigning permissions to control access to various database objects.
Here are the general steps to implement user-level security in an Access database:
Create a Workgroup Information File:
Before implementing user-level security, you need to create a workgroup information file
(MDW file). This file stores information about users, groups, and their permissions. You can
create a new MDW file using the "Workgroup Administrator" tool.
Open the Database with User-Level Security:
Open the Access database that you want to secure with user-level security. When prompted,
select the workgroup information file (MDW) that you created in the previous step.
Create User Accounts:
In the "Security" section of the "Database Tools" tab, you can manage user accounts. Create
individual user accounts for each person who will access the database.
Create User Groups:
Groups allow you to organize users based on their roles or access levels. For example, you
might create groups such as "Admins," "Managers," and "Users." Assign users to these
groups based on their responsibilities.
Assign Permissions:
Define the permissions for each user or group. Permissions include the ability to open tables,
run queries, modify data, and perform other actions. Assign appropriate permissions to each
user or group for specific database objects.
Set Database Password:
While this step is optional, you may choose to set a database password for an additional layer
of security. Users will need to enter this password to open the database.
Test User Access:
Once user accounts, groups, and permissions are set up, test the access of different users to
ensure that they can perform the intended actions and are restricted from unauthorized
actions.
Distribute the Database:
If your database is split into a front-end and back-end, distribute the front-end database to
users while keeping the back-end database on a secure network location. This helps separate
data storage from the application and facilitates centralized management.
Backup Workgroup Information File:
Make regular backups of the workgroup information file (MDW) and store it in a secure
location. This file is crucial for managing user-level security, and losing it may result in the
loss of security settings.
What are best practices for securing sensitive data in Access?
Sol: Securing sensitive data in Microsoft Access involves a combination of database design
practices, user-level security measures, and adherence to general security principles. Here are
some best practices for securing sensitive data in Access:
Use a Strong Database Password:
Set a strong password for the Access database itself. This adds an extra layer of protection,
especially if the database contains sensitive information.
Implement User-Level Security:
Leverage Access's user-level security features to control who can access the database and
what actions they can perform. Create individual user accounts, organize them into groups,
and assign appropriate permissions.
Limit Access to Design View:
Restrict access to the design view of tables, queries, forms, and reports. Users with the ability
to modify the design of database objects could potentially compromise the integrity of the
database.
Encrypt Sensitive Data:
If possible, encrypt sensitive data within the database. Access doesn't have built-in column-
level encryption, but you can consider encrypting sensitive data before storing it in the
database or explore external encryption tools.
Regularly Back Up the Database:
Perform regular backups of the database, including the workgroup information file (MDW) if
you are using user-level security. Backups ensure that you can recover the database in case of
data loss, corruption, or security incidents.
Limit Physical Access:
Control physical access to the computer where the Access database is stored. Ensure that
only authorized personnel can access the server or computer hosting the database.
Keep Software and Antivirus Updated:
Keep the Access software and any antivirus or security software up to date. Regularly
applying updates helps to patch security vulnerabilities and protect against known threats.
Secure Network Communication:
If the database is shared on a network, secure network communication. Use secure protocols,
such as VPNs or secure sockets layer (SSL), to protect data transmission over the network.
Audit and Monitor Access:
Enable auditing features and regularly review access logs to monitor who is accessing the
database and what actions they are performing. This can help identify unusual or
unauthorized activity.
Limit External Data Sources:
Be cautious with external data sources. If your database connects to external data, ensure that
access to these sources is secure, and regularly review and validate the integrity of external
data.
Regularly Review and Update Security Measures:
Security threats evolve over time, so it's essential to regularly review and update your
security measures. Stay informed about security best practices and consider adjustments
based on changes in your organization's requirements.
Educate Users:
Educate users about security best practices, including the importance of strong passwords,
the risks of sharing login credentials, and the sensitivity of the data they are working with.