Re: Database Hosting

From: Joshua J. Kugler <joshua_at_eeinternet.com>
Date: Mon, 20 Nov 2006 12:58:01 -0900
Message-Id: <456217ff$0$21221$88260bb3_at_free.teranews.com>

Murdoc wrote:

> Hi all,
>
> Our company is about to embark on rewriting our entire application to be
> truly client/server based, and bring the UI up to .NET. One of the
> additional services that our CEO wants to provide is the hosting of the
> software ourselves (to save our smaller clients the licensing costs of the
> database server software, etc).
>
> However, the proposed solution to this is to simply have a single database
> with every client's data in it, and add a 'client-code'/'client-id' field
> to EVERY single table in the database.
>
> Now, to me this seems to be a seriously flawed method of doing it, when a
> much simpler option (one database per client) is available.
>
> What are your thoughts, and how do other companies provide a similar
> service?

How is security laid out? Is it table or row based permissions? If it is table based permissions, a user could log in with another client for your SQL server and issue queries on data that does not belong to them. I would *highly* recommend doing one database per customer. Security (in my mind, anyway) will be greatly simplified.

-- 
Joshua Kugler
Lead System Admin -- Senior Programmer
http://www.eeinternet.com
PGP Key: http://pgp.mit.edu/  ID 0xDB26D7CE

-- 
Posted via a free Usenet account from http://www.teranews.com

Received on Mon Nov 20 2006 - 22:58:01 CET

This message: [ Message body ]
Next message: NENASHI, Tegiri: "Re: Functions and Relations"
Previous message: Bob Badour: "Re: Database Hosting"
In reply to Murdoc: "Database Hosting"
Next in thread: Murdoc: "Re: Database Hosting"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message