List:General Discussion« Previous MessageNext Message »
From:Mark Phillips Date:October 4 2009 3:30pm
Subject:Re: Questions on Database Design
View as plain text  
Thanks to Martin and John for their help!

Mark

On Sat, Oct 3, 2009 at 5:53 PM, Martin Gainty <mgainty@stripped> wrote:

>  enforcing by username/password to the DB is your safest method
> and if you want to really be safe put ssh access onto the MySQL Server
>
> here is how to install SSH and MySQL onto Ubuntu
> http://ubuntuforums.org/showthread.php?t=388073
>
> and to access SSHClient
> http://dev.mysql.com/doc/refman/5.1/en/windows-and-ssh.html
>
> HTH
> Martin Gainty
> ______________________________________________
> Verzicht und Vertraulichkeitanmerkung/Note de déni et de
> confidentialité
>
> Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene
> Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte
> Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht
> dient lediglich dem Austausch von Informationen und entfaltet keine
> rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von
> E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
>
> Ce message est confidentiel et peut être privilégié. Si vous
> n'êtes pas le destinataire prévu, nous te demandons avec bonté que
> pour satisfaire informez l'expéditeur. N'importe quelle diffusion non
> autorisée ou la copie de ceci est interdite. Ce message sert à l'information
> seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant
> donné que les email peuvent facilement être sujets à la manipulation,
> nous ne pouvons accepter aucune responsabilité pour le contenu fourni.
>
>
>
>
>
>
> > Date: Sat, 3 Oct 2009 18:11:59 -0600
> > From: john.l.meyer@stripped
> > To: mark@stripped
> > CC: mysql@stripped
> > Subject: Re: Questions on Database Design
>
> >
> > Mark Phillips wrote:
> > > On Sat, Oct 3, 2009 at 3:06 PM, Martin Gainty <mgainty@stripped>
> wrote:
> > >
> > >
> > >> depends on the relationship of the Data Tables and the Users that use
> them
> > >>
> > >> for instance if I was to setup a table of outgoing calls from 2
> distinct
> > >> individuals :
> > >> Me> calls to HarvardMedicalSchool, MassGeneral,
> > >> SomervilleHospital and AMA
> > >> VereinDesKrankRufs>calls to Biff,Tony,EdSoprano and Destiny
> > >>
> > >> so as you can see the difference between my calls and Vereins calls
> should
> > >> never be joined
> > >> as Vereins customers are distinctly not mine and mine are not his
> > >> Moreover my contact table would contain Degrees and titles where
> Vereins
> > >> customers
> > >> have no need for that
> > >> So in this case it would make perfect sense for my Database to be
> separate
> > >> and distinct from Vereins database..if for no other reason than the
> schemas
> > >> are completely difference
> > >>
> > >> With an emphasis on security once Verein initiates populating his
> records
> > >> on your DB by populating the same tables and using the same join
> > >> relationships it will be impossible to force him to not use those
> tables
> > >> or even to restrich his access to the slave server while you're
> updating
> > >> the master
> > >> You can restrict access by GRANT SELECT on the tables to Verein but
> that
> > >> would last only a week or 2 until Verein requests update and insert
> access
> > >> to the DB. Once the INSERT and UPDATE grants are made you wont be able
> to
> > >> separate his records from yours
> > >>
> > >> Keep the 2 separate is my suggestion..MySQL is inexpensive and HW is
> cheap
> > >> so this should be a low cost solution for you
> > >>
> > >> Keep us apprised and any feel free to inquire on any operational
> details
> > >> you may require.
> > >>
> > >> Thanks! To make sure I understand. Even if the schemas are the same,
> if the
> > >>
> > > data is not related, nor is meant to be combined in some way (eg rolled
> up
> > > or summed in some way), then creating a separate database for each user
> is a
> > > better way to go; or at least a meaningful way to go. A side benefit is
> > > greater security from the stand point that user a cannot get to user
> b's
> > > data.
> > >
> > > Can't I achieve the same level of security if each row has a userID,
> and all
> > > queries use a "where userID=xxxxxxx" clause?
> > >
> > > Mark
> > >
> >
> >
> >
> > no, don't confuse that with database security. There are too many ways
> > to get around that sort of trick through SQL injection attacks. Read
> > http://dev.mysql.com/doc/refman/5.4/en/privilege-system.html for a
> > starter on privileges and security.
> > But as long as you're not needing to regularly combine and aggregate the
> > data then creating separate databases is a reasonable option.
> >
> > --
> > MySQL General Mailing List
> > For list archives: http://lists.mysql.com/mysql
> > To unsubscribe: http://lists.mysql.com/mysql?unsub=1
> >
>
> ------------------------------
> Hotmail: Trusted email with powerful SPAM protection. Sign up
> now.<http://clk.atdmt.com/GBL/go/177141665/direct/01/>
>

Thread
Questions on Database DesignMark Phillips3 Oct
  • Re: Questions on Database DesignJohn Meyer3 Oct
    • Re: Questions on Database DesignMark Phillips3 Oct
      • Re: Questions on Database DesignJohn Meyer4 Oct
        • Re: Questions on Database DesignMark Phillips4 Oct
Re: Questions on Database DesignMark Phillips4 Oct
  • Re: Questions on Database DesignJohn Meyer4 Oct
    • Questions on un-index searches and slow-query-logCharles Brown5 Oct
      • RE: Questions on un-index searches and slow-query-logGavin Towey5 Oct
      • Re: Questions on un-index searches and slow-query-logWalter Heck - OlinData.com6 Oct
Re: Questions on Database DesignMark Phillips4 Oct