Postgres Pro
Downloads
Home   >   mailing lists

Re: How to secure PostgreSQL Data for distribute? - Mailing list pgsql-sql

From Christopher Browne
Subject Re: How to secure PostgreSQL Data for distribute?
Date
Msg-id m3pssbieqo.fsf@mobile.int.cbbrowne.com
Whole thread Raw
In response to How to secure PostgreSQL Data for distribute?  ("Premsun Choltanwanich" <Premsun@nsasia.co.th>)
List pgsql-sql
Tree view 
> Premsun Choltanwanich wrote:
>
>> Dear All,
>>       I need to distribute my application that use PostgreSQL as
>> database to my customer. But I still have some questions in my mind
>> on database security. I understand that everybody  who get my
>> application database will be have a full control permission on my
>> database in case that PostgreSQL already installed on their computer
>> and they are an administrator on PostgreSQL. So that mean data,
>> structure and any ideas contain in database will does not secure on
>> this point. Is my understanding correct?
>>       What is the good way to make it all secure? Please advise.
>
> If your customer can access the data, they can access the data.  If
> they have control over the system, they can access the system.
>
> I guess you could build some sort of encryption into your client, but
> that seems pretty easy to circumvent.
>
> The short answer is that there is no good way to do this.  If you are
> worried about this, the technology isn't going to save you.  No
> technology will save you.  Instead, I would highly suggest discussing
> the matter with an attourney and see if there is a legal remedy that
> might provide adequate protection.

It looks as though the Original Poster is in Thailand; if the customer
is elsewhere in Asia, it might become challenging to find a context
where "legal jurisdiction" or "legal remedy" are well enough defined
for this to work out well.

It may be that the prime issue is whether or not the customer is
trustworthy or not; if the answer is "not," and legal remedies are not
easy to get, then there are essentially two choices:

1.  Do not distribute the database.

The customer must access the database from the vendor's site.  

At the extreme end of this, the application would not directly submit
database queries, but rather redefine the application in a
client/server fashion where the customer side submits requests via
some protocol that does not expose anything about the database schema.

2.  If the customer is REALLY not able to be trusted, then maybe they
can't be a customer.
-- 
(reverse (concatenate 'string "moc.liamg" "@" "enworbbc"))
http://cbbrowne.com/info/
If we were meant to fly, we wouldn't keep losing our luggage.

pgsql-sql by date:

Previous
From: Roger Tannous
Date:
Subject: Re: Locating ( FKs ) References to a Primary Key
Next
From: Halley Pacheco de Oliveira
Date:
Subject: Re: [despammed] converting varchar to integer