pakt sardines wrote:
> ...the big issue for us is
> that the data in the databases has significant intellectual property
> value. It has taken literally years of work to collect the data. We do
> not want the users of the commercial product to be able to fire up
> postgres and type something like: user]% pg_dump their_data > our_product
That seems more like a legal question than a technical one.
The first thing that comes to mind is a lawyer to review your license
agreements, contracts, and NDAs with your customers. Perhaps a contract
giving you rights to audit their facilities in the extreme cases.
> Additionally, we don't want to have to encrypt every entry in the
> database, because that will cause significant overhead during processing.
That's unlikely to work anyway. Organizations protecting valuable data
using technical approaches (DVDs, etc) find it gets out anyway.
Since you'll ship a client that can decrypt the data anyway, anyone with
a debugger could decrypt it (unless you only want it to run on Trusted
computing platform / palladium computers).
> My question is, what options do we have?
I'd say that many of the more successful companies that sell products
with valuable data (geospatial data vendors; market research
companies) use the legal options rather than the technical ones.
> Can postgres store data as
> some sort of unreadable binary, much like you would find in a C binary
> data file?
Huh?
> If not postgres, what other database could possibly do this, if any? I
> really don't want to have to write our own RDBMS. :)
Doesn't seem much like a database question. I'd say ask on some trusted
computing (google Trusted Computing) list if you want a technical
solution or a lawyer if you want a legal one.
> Thanks in advance for any advice or suggestions on this subject,
