Next we'll be suggesting sharks with frikking lasers attached to their heads to guard the door!

Bastien

Sent from my iPod

On Sep 15, 2010, at 19:53, Matty Sarro <msarro@xxxxxxxxx> wrote:

> Ooooh, how about a pressure sensor on his seat??? Like the ones they have in
> cars to make that little airbag light illuminate.
>
> if buttDetected{
>     allowAccess();
> }
>
> On Wed, Sep 15, 2010 at 7:00 PM, Yousif Masoud <yousif.masoud@xxxxxxxxx> wrote:
>
>> On 12/09/10 17:32, tedd wrote:
>>
>>> Hi gang:
>>>
>>> I have a client who wants his employees' access to their online business
>>> database restricted to only times when he is logged on. (Don't ask why)
>>>
>>> In other words, when the boss is not logged on, then his employees cannot
>>> access the business database in any fashion whatsoever including checking to
>>> see if the boss is logged on, or not. No access whatsoever!
>>>
>>> Normally, I would just set up a field in the database and have that set to
>>> "yes" or "no" as to if the employees could access the database, or not. But
>>> in this case, the boss does not want even that type of access to the
>>> database permitted. Repeat -- No access whatsoever!
>>>
>>> I was thinking of the boss' script writing to a file that accomplished the
>>> "yes" or "no" thing, but if the boss did not log off properly then the file
>>> would remain in the "yes" state allowing employees undesired access. That
>>> would not be acceptable.
>>>
>>> So, what methods would you suggest?
>>>
>>> Cheers,
>>>
>>> tedd
>>>
>> Hi Tedd,
>>
>> One aspect of software design to keep in mind is change. Today the
>> customer wants everyone to have access when they are logged in. They may
>> want that rule relaxed a little. Perhaps, employees can log in when members
>> of a certain group are logged in.
>>
>> I recommend using some form of external device that instructs the system to
>> enable/disable access to the database. Depending on the sensitivity of the
>> data, the solution can utilize a card reader (once the boss takes the card
>> out of the reader, database access is terminated for the company) and either
>> a fingerprint or retinal scanner [for extra security]. If it is really
>> sensitive data, then a retinal scanner and some form of code generator that
>> generates one-time eight digit (at least) code to enable access to the
>> database. The algorithm that generates the codes would be a deeply guarded
>> secret (that would mostly be their problem -- you will need to ensure that
>> once you sign off the project, there is no way it can be retrieved from
>> you).
>>
>> No need to shut down the database server, just instruct the firewall to
>> block the MySQL port and/or Web server port. Might be a good idea to choose
>> a different port than 3306 for MySQL.
>>
>> What would happen if, for some reason the "boss" couldn't make it in or is
>> on Holiday?
>>
>> Good luck,
>> Yousif
>>
>> PS. It might be a good idea to introduce them to the concept of RBAC and
>> see what they think.
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
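
The flag file tedd describes fails open when the boss does not log off properly; one way to make it fail closed is an expiring lease that the boss's session must keep renewing. This is an added example, not code from anyone in the thread, and the function names, lease path and 120-second TTL are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical names; the 120-second TTL and the lease path are assumptions.
const LEASE_TTL = 120;

// Heartbeat: called on every request of the boss's authenticated session.
function renew_lease(string $path, int $now, int $ttl = LEASE_TTL): void
{
    // Write a temp file and rename it, so readers never see a partial lease.
    $tmp = $path . '.' . bin2hex(random_bytes(6)) . '.tmp';
    if (file_put_contents($tmp, (string) ($now + $ttl)) === false
        || !rename($tmp, $path)) {
        throw new RuntimeException('could not write lease');
    }
}

// Called from the boss's logout handler.
function revoke_lease(string $path): void
{
    @unlink($path);
}

// Gate for employee requests, checked before any database connection is opened.
// Fails closed: missing, unreadable, malformed or expired all mean "no access".
function lease_is_live(string $path, int $now): bool
{
    $raw = @file_get_contents($path);
    if ($raw === false || preg_match('/^\d{1,12}$/D', $raw) !== 1) {
        return false;
    }
    return $now < (int) $raw;
}

// Constructed walk-through with fixed clock values instead of time().
$lease = sys_get_temp_dir() . '/boss.lease.' . getmypid();
$t0 = 1284580000;
var_dump(lease_is_live($lease, $t0));        // boss has not logged on
renew_lease($lease, $t0);
var_dump(lease_is_live($lease, $t0 + 60));   // last heartbeat 60 s ago
var_dump(lease_is_live($lease, $t0 + 121));  // boss vanished without logging off
renew_lease($lease, $t0 + 130);
revoke_lease($lease);
var_dump(lease_is_live($lease, $t0 + 131));  // boss logged off properly
```

In a real deployment the callers pass `time()` as `$now`, and the lease file sits outside the web root where only the web server user can write it.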