Doug, I wanted to discuss this more with you because it really seems a good
start to the solution that I am thinking about. My initial thought when I
started this project was to establish some way to authenticate the computer
to the database server using some sort of complex process that would be
unique to each client (without making this too complicated) either by a
complex hash of software and hardware so even if you ghosted an image of the
client machine, the code would be invalid on each new client.  To initialize
the client authentication, two separate users would have to validate the
machine is allowed to connect to the database server.  This I figured would
come from a Sr. IT administrator, and a department head for the particular
division that had access to the server.  

 

The validation of those codes would be set on the server side by the
president of the company in case a change occurred in the staff (either the
Sr. IT or Department head) so the president of the company would have the
ability to change, remove, and add a new authentication person.  The reason
for the two people needing to be involved in the process would be validation
that neither of the two are trying to establish a connection outside of the
approved machine.

 

Once the machine is authenticated, and the handshake is done between the
client and database server, the user would have to validate his credentials
with the database engine to have access to the database.

 

The benefits of such a system I thought would be: 

1. You would have to convince another person in order to bring a new
computer into the system

2. The president has definite control over the access ultimately, and
would only have to involve himself when there is a change in personnel

3. Audit trails would be easily followed in all steps of the process

4. Regardless of most attempts of evildoers, the machine would have
to validate a unique key code before a hacker could use any keystrokes he
has captured from whatever process he uses to obtain user names and
passwords.

5. Employees (the client's user) would not be able to access the
information remotely without validating their laptop through the same
process as his or her desktop at the office, this way an audit trail could
be established.

6. Outside of a stolen laptop, it would then become very difficult to
gain access to the system.  When a laptop is stolen, the Sr. IT
administrator can remove the access key from the server and all information
that could be obtained by stealing the laptop would only be open to the
public until the key is removed from the server.

Does this process make sense to anyone else?  Is it something that sounds
reasonable or are there issues that I am missing in this process?  I really
like the idea of using the 0K protocol in authenticating the user on the
client and the database server.  Any thoughts?

 

Paul
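
The enrollment flow proposed in the message above, sketched as an added example that is not part of the original message or any code from the list: a machine is enrolled only after both roles approve, the handshake runs before any user login, and the Sr. IT administrator can revoke a key. The names `Registry`, `fingerprint`, `respond`, the role strings and the HMAC challenge-response are assumptions made for illustration; the message does not specify them.

```python
import hashlib, hmac, secrets

REQUIRED_ROLES = {"sr_it_admin", "department_head"}  # the two approvers in the proposal

def fingerprint(hw_ids, sw_ids):
    """Hash hardware and software identifiers into one per-machine code."""
    h = hashlib.sha256()
    for label, ids in (("hw", hw_ids), ("sw", sw_ids)):
        for item in sorted(ids):
            h.update(f"{label}:{len(item)}:{item};".encode())  # unambiguous encoding
    return h.hexdigest()

class Registry:
    def __init__(self, approvers):
        self.approvers = dict(approvers)  # person -> role, set by the president
        self.pending = {}                 # fingerprint -> {role: person}
        self.keys = {}                    # fingerprint -> per-machine secret (assumed)
        self.audit = []                   # (event, person, fingerprint)

    def approve(self, person, fp):
        """Record one approval; issue the machine key once both roles agree."""
        role = self.approvers.get(person)
        if role not in REQUIRED_ROLES:
            self.audit.append(("approval_denied", person, fp))
            return None
        self.pending.setdefault(fp, {})[role] = person
        self.audit.append(("approved", person, fp))
        if set(self.pending[fp]) != REQUIRED_ROLES:
            return None
        del self.pending[fp]
        self.keys[fp] = secrets.token_bytes(32)
        self.audit.append(("enrolled", person, fp))
        return self.keys[fp]

    def revoke(self, person, fp):
        """Remove a machine key, e.g. after a laptop is stolen."""
        if self.approvers.get(person) == "sr_it_admin" and self.keys.pop(fp, None):
            self.audit.append(("revoked", person, fp))
            return True
        return False

    def verify(self, fp, nonce, tag):
        """Machine handshake: client proves it holds the key for this fingerprint."""
        key = self.keys.get(fp)
        ok = key is not None and hmac.compare_digest(tag, respond(key, fp, nonce))
        self.audit.append(("handshake_ok" if ok else "handshake_fail", None, fp))
        return ok

def respond(key, fp, nonce):
    """Client side: answer the server's nonce with an HMAC over nonce and fingerprint."""
    return hmac.new(key, nonce + fp.encode(), hashlib.sha256).digest()
```

The fingerprint here is reported by the client, so it works as an identifier; the server-issued random key is what the handshake actually proves possession of.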

 

 

From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf
Of Doug Hale
Sent: February 12, 2008 11:03 AM
To: [email protected]
Subject: Re: [delphi-en] I am looking for suggestions



[Non-text portions of this message have been removed]
