On 12/09/10 17:32, tedd wrote:

Hi gang:

I have a client who wants his employees' access to their online
business database restricted to only times when he is logged on.
(Don't ask why)

In other words, when the boss is not logged on, then his employees
cannot access the business database in any fashion whatsoever
including checking to see if the boss is logged on, or not. No access
whatsoever!

Normally, I would just set up a field in the database and have that
set to "yes" or "no" as to if the employees could access the database,
or not. But in this case, the boss does not want even that type of
access to the database permitted. Repeat -- No access whatsoever!

I was thinking of the boss' script writing to a file that accomplished
the "yes" or "no" thing, but if the boss did not log off properly then
the file would remain in the "yes" state allowing employees undesired
access. That would not be acceptable.

So, what methods would you suggest?

Cheers,
tedd

Hi Tedd,

One aspect of software design to keep in mind is change. Today the
customer wants everyone to have access when they are logged in. They
may want that rule relaxed a little. Perhaps employees can log in when
members of a certain group are logged in.

I recommend using some form of external device that instructs the system
to enable/disable access to the database. Depending on the sensitivity
of the data, the solution can utilize a card reader (once the boss takes
the card out of the reader, database access is terminated for the
company) and either a fingerprint or retinal scanner [for extra
security]. If it is really sensitive data, then a retinal scanner and
some form of code generator that generates a one-time eight-digit (at
least) code to enable access to the database. The algorithm that
generates the codes would be a deeply guarded secret (that would mostly
be their problem -- you will need to ensure that once you sign off the
project, there is no way it can be retrieved from you).

No need to shut down the database server, just instruct the firewall to
block the MySQL port and/or Web server port. Might be a good idea to
choose a different port than 3306 for MySQL.

What would happen if, for some reason, the "boss" couldn't make it in or
is on holiday?

Good luck,
Yousif

PS. It might be a good idea to introduce them to the concept of RBAC and
see what they think.
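
The stale "yes" file described in the original question (the boss not logging off properly) can be avoided by making the flag expire on its own and denying access whenever it is missing or old. The following is an added example, not code from either poster: a fail-closed lease file in PHP, where the path, the 120-second TTL and all function names are assumptions.

```php
<?php
// Added example: fail-closed lease file. Path, TTL and names are assumptions.
const LEASE_FILE = '/var/run/bossgate/lease';   // hypothetical path, outside the web root
const LEASE_TTL  = 120;                          // seconds one heartbeat stays valid (assumed)

// Called from every authenticated request made by the boss (the heartbeat).
function renew_lease(string $file = LEASE_FILE, int $ttl = LEASE_TTL, ?int $now = null): bool
{
    $expires = ($now ?? time()) + $ttl;
    $tmp = $file . '.' . bin2hex(random_bytes(4)) . '.tmp';
    // Write to a temp file, then rename, so readers never see a half-written lease.
    if (file_put_contents($tmp, (string)$expires, LOCK_EX) === false) {
        return false;
    }
    chmod($tmp, 0640);
    return rename($tmp, $file);
}

// Called on explicit logout; a missed logout is covered by expiry instead.
function revoke_lease(string $file = LEASE_FILE): void
{
    if (is_file($file)) {
        unlink($file);
    }
}

// Called by employee pages BEFORE any database connection is opened.
function access_allowed(string $file = LEASE_FILE, ?int $now = null): bool
{
    $raw = @file_get_contents($file);
    if ($raw === false || !ctype_digit(trim($raw))) {
        return false;          // missing, unreadable or corrupt lease: deny
    }
    $expires = (int)trim($raw);
    $now = $now ?? time();
    // Deny when expired, and also when the expiry lies more than one TTL ahead
    // (a hand-edited or clock-skewed file must not grant long-lived access).
    return $expires > $now && $expires - $now <= LEASE_TTL;
}

// Constructed demonstration using a temp file and fixed timestamps.
$demo = sys_get_temp_dir() . '/lease_demo';
renew_lease($demo, LEASE_TTL, 1000);
var_dump(access_allowed($demo, 1060));   // checked inside the TTL window
var_dump(access_allowed($demo, 1121));   // boss never logged off; lease has expired
revoke_lease($demo);
var_dump(access_allowed($demo, 1060));   // checked after an explicit logout
```

Because the check reads only a local file, employee requests never touch the database while the lease is absent or expired; the same check could drive the firewall rule mentioned in the reply.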
--
PHP General Mailing List (http://www.php.net/)