db-derby-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stanley Styszynski" <diabe...@gmail.com>
Subject Re: Users authentication - design problem
Date Thu, 31 May 2007 19:09:02 GMT
Hello again,

First of all, thanks to everybody for posting these ideas and thoughts.

Maybe I will give some more pieces of information about my application:
My application will be able to upload meter and insulin dosing data and
generate charts to help identify patterns. So, users will be adding,
modifying and removing their results. There will be a possibility of
importing/exporting data, printing reports and so on. I am not taking into
account that there could be any central server. Everything must be stored on
the user's desktop.

What I want to achieve is an multiuser application in which one user should
not have access to other user data. This is the main goal. What is more, I
would like to secure the data as much as I can. I have planned to use
built-in authentication and encryption. Maybe I should use something
different. While built-in authentication seems rather ok, encryption can
cause problems (as some of you pointed out).

I like the idea of having generic user and root user. Root user could be (as
I have planned) be generated dynamiccally, and only this user could have
rights to modify data. Generic user could only read data, and being already
authenticated, the application could dynamically "log in" secret root user
(his username and password would be secret to the generic user and stored
encrypted in a table). In this situation, even if the database was moved
somewhere or application was not available, generic user would always have
access to his data and could export it to working copy of the application.
Am I right? Any more suggestions?

By the way: it will be an open-source application. Later on I plan to create
(with volunteers) server-side application to be installed in hospitals and
medical centers.

Regards,

Stanley

On 5/31/07, m96 <m96@gmx.li> wrote:
>
> hi,
>
> a few thoughts...
> I don't think that any of your users have the knowledge to copy and boot
> the database. or the intention to change the data in your database,
> therefore you could just create a jar file and embed it. and when your
> application does not support modifications on the database then you are
> safe.
>
> on the other side i can understand your need to access restriction if
> your application must be GxP compliant and so you need to proof that
> no-one has changed the data in your db. so the idea would be creating a
> generic user and root user. the generic user with the a std pwd that
> publicly known (also to the application it-self) could read the data.
> and only root could modify the data.
>
> encryption makes only sense if you keep the boot pwd secret. which won't
> be the case in your situation.
>
> cheers...
>
>
> On Wed, 2007-05-30 at 20:42 +0200, Stanley Styszynski wrote:
> > Hello,
> >
> > My name is Stanley and I'm working on application which will offer
> > opportunity to simulate the effects of changes in insulin and diet on
> > the blood glucose profile of a diabetic patient. It will be a
> > multiuser, desktop application with Apache Derby inside.
> >
> > I would not like to grant any of the users the administrative
> > privileges. Every user (added using special form in my application)
> > should be equal. No one should be able to see or modify other users
> > results or database settings. I plan to dynamically create a root user
> > (when my application will be launched for the first time). Root's user
> > name and password will be created dynamically (current time multiplied
> > by random value and SHA-256). This data will be stored in separate
> > text file(encrypted) and it's content will be read by the application
> > to enable adding new users. I plan to encrypt a database so only my
> > application will be able to boot it.
> > Then, application itself, will be controlling access to the propriate
> > pieces of data. It should be easy when we take into account that my
> > application is using built-in driver (no network connection at all,
> > database is integrated with application).
> >
> > Is this solution good? Maybe there are others who encountered such a
> > "problem" and could share their knowledge?
> >
> > Regards,
> >
> > Stanley
> >
>
>

Mime
View raw message