I was asked to write a database and it’s GUI frontend for some non-profit organization I am member of.
The decision was to use .NET as I know C# fariy good and writing GUI is quite easy. I though of implementing local SQL Server database (as I worked earlier with MySQL) and connect to it via SqlClient interface. But then I discover some problem:
Machine with database installed is public. Even account from which database would be accessed is freely available. So as far as I know anyone who will bring portable MS Access would gain a free access to any data stored in database. Perhaps I am wrong and it is possible to encrypt database with password independent from user account. But I don’t know how to do that (I do not have MS Access, only basic Office and Visual Studio Express).
Or if it is impossible, what is the best way to replace SQL Server database?
As several people have pointed out, if the database files are public then the data is public. Encryption is not going to help you. Switching to SQLite will not help; you have to make the database files non-public.
One way to do this is to store your database on a private server and expose the data through a public API via SOAP, REST, web services or such. The GUI front-end will send requests to the private server and display the results.
Consider making the application a web app; the GUI front-end becomes an ordinary web browser.