Security infrastructure - Using FM native security features VS re-creating privilege control wheels

Discussion created by sansang on Oct 15, 2018
Latest reply on Nov 15, 2018 by g.data

I have been using FileMaker since 2007 and developing commercial db systems for customers since 2014. Along the FM development journey I found it convenient and comfortable to design solutions using the multiple-file paradigm, where UI and Data files are separated logically and some parts of the solution files can be highly reusable among different systems.

However, applying multi-file development also introduces some trouble for user account management: syncing different user/privilege set settings between different files is a challenging task. As a result I developed a full suite of "privilege set (for user roles) and user account" tables to manage the users and privileges in my own manner, so each time I need a new user account, I create a new record in the "User" table and assign the new user a certain privilege set. In this way it's also easy to know which users are linked with which privilege set, the solution's end users can control these security settings without using the native FM security dialogs, etc. Anyway, I want to say that I was quite happy with this "customized security settings solution" until I read this article recently:

A Conversation About '2 Factor Authentication'

Although in the thread I saw people were mainly discussing whether it's doable to introduce the "ersatz" 2 factor authentication, I learned that managing the security settings in an "ersatz" way isn't supported/welcomed by many well-known developers, which makes me worried about my way of manipulating the security settings as mentioned above. So my question is:

Is it okay to use this kind of "ersatz" security design to replace the FM native security settings?

So far I'm quite satisfied with what I've achieved; I even built a framework based upon this paradigm and delivered several solutions to my customers. It would be quite depressing if this method is proved to be insecure and should be prohibited ... (however, I haven't figured out how to crack into such systems if the external file reference is protected, especially if the system is hosted on a remote FMS and you cannot get the local file copies.)

I'm not a native English speaker; hopefully I made my statements clear enough. Thank you in advance!
