Re: Part 11 compliant
From: Katherine H (anonymous_at_discussions.microsoft.com)
Date: 07/28/04
- In reply to: TC: "Re: Part 11 compliant"
Date: Wed, 28 Jul 2004 06:29:07 -0700
Thanks for your help, I will see what I can do with this.
>-----Original Message-----
>"Katherine H" <anonymous@discussions.microsoft.com> wrote in message news:<4f3d01c473e7$d7abd9e0$a301280a@phx.gbl>...
>> Part 11 compliant refers to security of records.
>> Has two main parts:
>
>
>> 1. making sure every record is tied to an electronic signature
>
>I'm no expert on "electronic signatures", but as I understand it, they
>work something like this. They use public key cryptography. Each
>individual has a private key known only to them, and there is a public
>key known to everyone. An individual can "sign" a block of information
>(say a database record) by feeding that information, plus the person's
>private key, into a signing algorithm. The algorithm produces a set
>of numbers which are known as the signature. The point is, that the
>signature can be verified correct, by anyone, using the well-known
>public key. So, everyone can be certain that the signed information
>was, in fact, created by the specified individual - and has not been
>altered since.
>
>I guess you could code-up something like this for when the user enters
>a new record? They'd have to enter their private key so the
>application could generate the relevant signature & store it with the
>database record.
>
>As I say, I'm no expert in this, but I feel it should be possible "in
>principle".
>
>
>> 2. audit trails - identifying
>> users, approvals and progressions that lead back to the
>> original data and capture actions at the date and time
>> they occur, independently of the operators.
>
>You can do this using Access user-level security & appropriate code
>throughout your application.
>
>
>However! Unfortunately, Access user-level security passwords can be
>recovered from the workgroup file in which they are stored. This is
>due to a simple "schoolboy howler" mistake in how MS has stored the
>passwords. Thus, using a suitable cracking product, Tom could easily
>log-on as Mary. Then Tom's actions (in the system) would be audited to
>Mary, so requirement 2. would fail. However, since Tom presumably
>does not know Mark's private signing key, he would not be able to make
>his records look like Mary's.
>
>HTH,
>TC
>
>
>>
>> Hope this cleared it up a little.
>> Thanks,
>> Katherine
>>
>> >-----Original Message-----
>> >If you gave an explanation or link to what you mean by "part 11
>> >compliant", maybe someone could help you.
>> >
>> >HTH,
>> >TC
>> >
>> >
>> >"Katherine H" <anonymous@discussions.microsoft.com> wrote in message news:<061701c4733e$016d3f80$3501280a@phx.gbl>...
>> >> I am looking for ways to make ACCESS 2000 Part 11
>> >> compliant. Does anyone have any suggestions?
>> >>
>> >> Thanks,
>> >> Katherine
>> >.
>> >
>.
>
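
The signing scheme TC describes in the quoted reply, as an added example that is not part of the original thread: each user signs a record with their own private key, the signature is stored with the row, and anyone holding the public keys can check it. It assumes Node.js's built-in crypto module with Ed25519 keys; the record fields, function names and flat record layout are constructed for illustration.

```javascript
const { generateKeyPairSync, sign, verify } = require('crypto');

// Constructed key pairs for the thread's two users. In practice each private
// key is held only by its owner; the application keeps the public keys.
const keys = { mary: generateKeyPairSync('ed25519'), tom: generateKeyPairSync('ed25519') };
const publicKeys = new Map(Object.entries(keys).map(([name, k]) => [name, k.publicKey]));

// Serialize a flat record with sorted field names so the signer and the
// verifier process exactly the same bytes.
function canonicalize(fields) {
  const sorted = {};
  for (const name of Object.keys(fields).sort()) sorted[name] = fields[name];
  return Buffer.from(JSON.stringify(sorted), 'utf8');
}

// Sign the record together with the claimed signer and return the row to store.
function signRecord(record, signer, privateKey) {
  const fields = { ...record, signedBy: signer };
  const signature = sign(null, canonicalize(fields), privateKey).toString('base64');
  return { ...fields, signature };
}

// Check a stored row against the public key of the user it names.
function verifyRecord(row) {
  const { signature, ...fields } = row;
  const publicKey = publicKeys.get(row.signedBy);
  if (!publicKey || typeof signature !== 'string') return false;
  return verify(null, canonicalize(fields), publicKey, Buffer.from(signature, 'base64'));
}

// Constructed sample rows: a genuine one, one edited after signing, and one
// that names Mary as signer but was produced with Tom's private key.
function demo() {
  const genuine = signRecord({ id: 17, batch: 'B-0042', result: 'pass' }, 'mary', keys.mary.privateKey);
  const edited = { ...genuine, result: 'fail' };
  const impersonated = signRecord({ id: 18, batch: 'B-0043', result: 'pass' }, 'mary', keys.tom.privateKey);
  return {
    genuine: verifyRecord(genuine),
    edited: verifyRecord(edited),
    impersonated: verifyRecord(impersonated),
  };
}

console.log(demo());
```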