ShrimperDan

I'm trying to solve for a real scenario.
The purpose is to increase application and data security.

What I have is several vb applications that connect to different SQL Server databases within the same company. Currently, security is just based on the WinXP (WInNT) ID. SO if you can log in, then you can run the applications.

My suggestion is the addition of login screens to each application which then provides a second layer of security.

Here is the problem...if I use the user's WinNT ID to validate during the connection to the SQL server, then if someone gains access to that person's machine, then they can make a DB connection via ODBC connection to see the database data.

The other option is to create a application specific SQL Server ID/PW that only the DBA and I, the developer, know to use to make the database connection and then the login screen takes care of user-level access. However, to conform to security standards, that password would need to change every 30 days. I can't re-create a new VB app every 30 days. And I loose SQL Server's ability to track inserts/deletes of each user.

Any idea of a possible solution that provides a secure login method without the exposure that WinNT ID access provides?

reboot

From Microsoft:

"The process of collecting credentials from a user-mode application can provide a possible security hole in a network computing environment (as well as being annoying to a user). The Unified Logon requirement (which specifies that the user should only have to type his or her credentials once, at the logon screen), was added to the Microsoft BackOffice logo requirements for these reasons."

ShrimperDan

THe problem with UL, from a security standpoint, is if a user gains access to the pc, they have therefore gained access to the data the applications contain.

reboot

How are they going to gain access to the PC?

ShrimperDan

Because people are not perfect. Because people on this group write down passwords on scrap paper. Because people don't lock their pc. All users in the group should not have access to all applications that team mates can access.

lebb

I guess I don't see how additional login screens would address any of this. In fact, the more different logins you require the user to maintain, the more likely he is to write down his passwords. I can definitely relate to the problem, but I don't understand how this could address it.