Posted 59 months ago on 6/17/2008 and updated 9/1/2008
Take Away: Overview of using Paradox's table encryption to secure your data.
Security is not what most people think it is. Usually when someone says, "I want my data secure". What they mean is that they want a 100% guarantee that no one will get to the data, no matter what. Unfortunately that's impossible. Making your data and your application secure is about adding layers of security. By implementing security best practices and adding layers of security, you can make your data as safe or safer than any organization's data. This article discusses adding Paradox's passwords to your Paradox tables to add a layer of security to protect your data. In the summary, I also discuss a couple additional layers you should think about implementing.
With Paradox tables, you can add passwords to each table that prevents users from opening the table, entering data, altering the structure of the table, etc. The passwords features of Paradox includes advanced features such as preventing certain users from updating only certain fields in a table!
Two Types of Passwords - Paradox tables offer two types (or levels) of passwords on each table. Each table can have one and only one master password and can have several auxiliary passwords.
Master Password - With each table you can establish a master password which both grants access to the table and encrypts the data (to a degree) within it. The master password has full rights to the table or none. With a single master password it's all or nothing. This level of security works for some people and if you need an all or nothing approach, then just add a master password to every table. If you use the same password for all tables, you'll have to enter the password only once.
Auxiliary Passwords (Table-level) - With each auxiliary table, you can specify the following rights for the table:
Read and Update
Read, Update, and Edit (data entry)
Read, Update, Edit, and insert/delete.
Read, Update, Edit, insert/delete, and restructure.
Auxiliary Passwords (Field-level) - Auxiliary passwords also allow you to grant access rights to each field. If the table rights are set to Read-Only, you can specify Read-Only or None for each field; for others, you can specify Full, Read-Only, or None.
Creating Password Protected Paradox Tables
To add a master or auxiliary password to an existing Paradox table, restructure it and select the Passwords tab. The Passwords tab is also available when you create a table. Select the Define button to create the master password. Notice the right-side options are not available for master passwords (it's all or nothing).
Adding Auxiliary Passwords Select Add to add an auxiliary password and Remove to remove one.
Bizarre Behavior Note For some reason, the designers of this dialog box really mangled up the user interface. The Table Rights panel uses a series of check boxes rather than radio buttons. Check boxes usually mean on or off for that item and when used in a series usually means any combination. Not so with Table Rights. It's a gradually increasing set of rights. Not a big deal but might throw some users.
Tip Whether I'm using Paradox tables, MS SQL 2005, Oracle, whatever, I generally create three levels of passwords (roles on MS SQL 2005). One master or full access password (used by the developer), one read-only password, and one edit password (defined in the dialog above). You can get more complicated if the application warrants it.
Using Password Protected Paradox Tables
Passwords are entered and used per BDE session. Once you enter a password to a session, any table that requires that password will automatically use it. The first time you attempt to use a password protected Paradox table, you'll have to enter the password. For example, the following dialog is displayed when you open a password protected Paradox table using Paradox for Windows.
This dialog adds and removes passwords from the session. You can also get to it in Paradox for Windows by selecting Tools | Security | Passwords. It's a bit overdone (confusing) but it allows you to add a single password or multiple passwords as well as remove any previously entered password or all passwords. Enter a password you wish to work with and select either OK (dialog closes), Add (dialog stays open), or Remove (dialog stays open). To remove all previously entered passwords, select Remove All.
Adding security is about adding layers of protection. The more layers you add, the more secure your data. Adding Paradox passwords to your tables is a great way to add an additional layer of security. It's not the most secure encryption method, but it is a good additional layer of security. In addition to Paradox passwords, you should think about other issues including the following:
Be Pessimistic -Don't think "if a hacker", think "when". Too frequently apathy sets in until you've been attacked by a hacker trying to get your data. The time to think about security is before someone attacks.
Are your passwords secure? How and where you store your master list of passwords is important. If someone steals your passwords, then they will be one more step closer to getting to your data. If several people know your master passwords and your data requires a high-level of security, consider changing your master passwords periodically.
Physical Security - Your data is stored on some type of storage device. Is that device secured? How hard would it be for someone to steal the device? If someone steals your device, they can take a long amount of time trying to read it. Usually, hackers have great success with hex readers and other tools that look at and unscramble the raw bits stored.
Double Encryption - If you encrypt (obfuscate, scramble or mangle) the sensitive data in your tables prior to posting the data, you are adding yet another layer of security. That's helpful if someone does manage to get your passwords and the tables. I recommend you encrypt sensitive data such as social security numbers, credit card numbers, passwords, etc. prior to posting to a field in your database. Your data is more secure if you scramble sensitive data in the database and make use of Paradox's password features (double encryption).
That's it! If you have suggestions, comments, or questions, please post them below.
I am using this connectionstring to access my password protected Paradox table. I can run my Select query. But getting "ERROR [HY000] [Microsoft][ODBC Paradox Driver] Operation must use an updateable query." this error. If i remove the password the query works fine. What would be the reason for this error? how to solve this?
"If i remove the password the query works fine. What would be the reason for this error?"
The most likely reason is that your Paradox driver session already has a password or passwords in effect, and at least one of those has write privileges, but the password that you are explicitly setting in the connect string is read-only.
Indeed, be very very pessimistic. Both the Paradox engine (used by Paradox for DOS) and the BDE (used by Paradox for Windows, shipped with Delphi) contain and respond to built-in permanent passwords. Most of the Paradox graybeards know these backdoor passwords, and you can probably find a Russian capitalist to sell them to you.
So it is not possible to construct a truly secure database using only the password protection coded into an unmodified BDE. Even though few people know of these permanent passwords, and even fewer bother to remember what they are, it only takes one to compromise your data.