|The CodeMine Security Manager provides a complete set of
security services to your applications. You can easily control who has access to your
applications data, keep audit trails of changes, encrypt data, and even detect
changes to sensitive data that are made outside of your application.
User Level Security
The CodeMine Security Manager lets you define individual user accounts, groups, and any
number of application specific privileges. The user accounts may be set to require minimum
password lengths, forced password change, or password locks. The system also includes a
complete set of tools for both developers and end users to maintain the security accounts
database. The User Account Editor form is shown below.
At runtime, individual fields can easily be read and/or write protected,
based on the privileges assigned to the currently logged on user. Any other aspect of your
application can be restricted simply by testing for membership in a particular group, or
checking if a particular privilege is granted.
Data Authentication Checksums allow you to maintain a keyed checksum for each record in a
table, so that you can detect any changes to the data which are made outside of your
application. For example, if a schools grading system used the data authentication
methods, and a student attempted to alter their grade by editing the tables, the record
would then fail authentication, and the unauthorized change would be exposed.
The Security Manager includes a fast, reversible data encryption algorithm for preventing
unauthorized users from viewing sensitive data outside of your application. Information
such as credit card numbers, social security numbers, payroll information, etc can be
stored in encrypted form on disk. To view or edit an encrypted field in your application,
simply set a bound controls cEncryptionKey property to enable the encryption. The
encrypted fields can then only be read or printed under the control of your application.
Event Logging can be enabled to record every security event that occurs in your application,
such as when users log on or off, or make changes to the security database. You can also
use the event log to record any application specific events you like. Logged events can
then be easily traced to the user who initiated them.
The event log uses the data
authentication methods described earlier to ensure that no log entries have been altered
or tampered with.
The Security Manager also includes support for Serial Number Locks on your
application. If you enable this feature, then a valid serial number will be required to
install your application. This makes it more difficult for someone to install a copy
without permission from you. It also makes it easier to track unauthorized installations
back to their source. A utility is provided to generate valid serial numbers that are
unique to each individual application. This technique is similar to the "CD-Key"
required to install many commercial software applications today.