How to design a desktop application that has access to a database via LAN?
As part of a project for school I've been tasked with designing a secure application that should be able to upload and download files from a database. I have very little experience in the area of security so I'm unsure of where to start so I decided to start with the user-database interaction.
My rough idea of what I want made:
- The user logs in to the desktop application with a username and password.
I've searched around on google for quite a while but I can not find anything on how to do this securely. An idea I had was to authenticate the user somehow against a database server containing user logins, but from my understanding, this is not safe because of re-routing. What is the safest way to implement this?
- The user then has the ability to upload or download files via the application to a database server over LAN.
Is this even possible to do? I was planning on using a three-tier architecture design with an application server in the middle essentially making sure the user is authorized to receive or upload the information from/to the database, with the added security of needing to be logged in to the desktop application to be able to do anything. The communication between the client-app server-database would also all be encrypted to further security.
My questions are essentially; is this system even possible to make? Is there a better, more secure, implementation that is recommended here that I could use? Is my proposed system even physically possible? If not, what can I do to make it so? What parts are missing in between?