Re: How to secure PostgreSQL Data for distribute? - Mailing list pgsql-sql

From Ferindo Middleton Jr
Subject Re: How to secure PostgreSQL Data for distribute?
Date
Msg-id 43051B90.5040602@verizon.net
Whole thread Raw
In response to How to secure PostgreSQL Data for distribute?  ("Premsun Choltanwanich" <Premsun@nsasia.co.th>)
List pgsql-sql
On 8/17/05, Premsun Choltanwanich <Premsun@nsasia.co.th> wrote:

>>  
>> Dear All, 
>>   
>>      I need to distribute my application that use PostgreSQL as database to
>> my customer. But I still have some questions in my mind on database
>> security. I understand that everybody  who get my application database will
>> be have a full control permission on my database in case that PostgreSQL
>> already installed on their computer and they are an administrator on
>> PostgreSQL. So that mean data, structure and any ideas contain in database
>> will does not secure on this point. Is my understanding correct? 
>>   
>>      What is the good way to make it all secure? Please advise. 
>  
>   If it is "your" database, then  I would not give them the database, 
but merely offer the information in the database as a "service." This, 
of course, can be implemented through the internet. That way, the rules 
that govern which customers can access and see which pieces of data can 
be implemented in the application itself so you wouldn't have give them 
all the data and structure the customer doesn't need to see if the rules 
governing how they access the database from the application are built 
into the application itself, with possibly authentication credentials 
stored in the database and the athentication mechanism implemented in 
the application.   The only other way I can imagine where you can get beyond, atleast 
not showing the  data they don't need to see, is querying the database 
to filter out the data 'belonging' to the customer, and export that 
filtered data to isolated tables comprising a new database that could 
then be given to the customer, watered down to what's relevant to them.   If it's "your" database then, hey, don't give
itto them. If it's 
 
really "their" database then you wouldn't really have a problem with 
giving them their data... But it's apparently not really "their" 
database so keep it to yourself and offer access to the data as a service.

Ferindo

-- 
Ferindo Middleton
Chief Architect
Sleekcollar.com



pgsql-sql by date:

Previous
From: Roger Tannous
Date:
Subject: Re: A Table's Primary Key Listing
Next
From: "Lane Van Ingen"
Date:
Subject: SQL CASE Statements