Subject Protecting data from end users
Author richwiz11
Hi, I need a way of logging or protecting data from being deleted by a user.

I work for a POS (point of sale) company, each user "shop" would have a local firebird db running. We are entering into a new market where regulation states we have to protect our system from tax evasion (where possible)

We have figured out to how protect sales data from being altered. The problem I am left with is how to protect a row from being deleted. (firstly, have come to the conclusion that it impossible to fully protect data, however the idea here is just make it a bit harder and scare people off)

The two method I have thought of is
a) Using roles and remove the delete privilege (we currently just using SYSDBA, which is probably a bit bad anyway)
b) Add some kind of trigger logging to keep this deleted data and copy to another db.

Just wanted to know if anyone else had any other ideas or been in a similar situation.

PS at the moment using FB 2.0, however planning on upgrading our clients to FB 2.5. I have been looking at the trace logging in FB2.5 but don't see that usefull for this problem

Thanks in advance