Re: How to secure PostgreSQL Data for distribute?
| От | Ferindo Middleton Jr |
|---|---|
| Тема | Re: How to secure PostgreSQL Data for distribute? |
| Дата | |
| Msg-id | 43051B90.5040602@verizon.net обсуждение исходный текст |
| Ответ на | How to secure PostgreSQL Data for distribute? ("Premsun Choltanwanich" <Premsun@nsasia.co.th>) |
| Список | pgsql-sql |
On 8/17/05, Premsun Choltanwanich <Premsun@nsasia.co.th> wrote: >> >> Dear All, >> >> I need to distribute my application that use PostgreSQL as database to >> my customer. But I still have some questions in my mind on database >> security. I understand that everybody who get my application database will >> be have a full control permission on my database in case that PostgreSQL >> already installed on their computer and they are an administrator on >> PostgreSQL. So that mean data, structure and any ideas contain in database >> will does not secure on this point. Is my understanding correct? >> >> What is the good way to make it all secure? Please advise. > > If it is "your" database, then I would not give them the database, but merely offer the information in the database as a "service." This, of course, can be implemented through the internet. That way, the rules that govern which customers can access and see which pieces of data can be implemented in the application itself so you wouldn't have give them all the data and structure the customer doesn't need to see if the rules governing how they access the database from the application are built into the application itself, with possibly authentication credentials stored in the database and the athentication mechanism implemented in the application. The only other way I can imagine where you can get beyond, atleast not showing the data they don't need to see, is querying the database to filter out the data 'belonging' to the customer, and export that filtered data to isolated tables comprising a new database that could then be given to the customer, watered down to what's relevant to them. If it's "your" database then, hey, don't give itto them. If it's really "their" database then you wouldn't really have a problem with giving them their data... But it's apparently not really "their" database so keep it to yourself and offer access to the data as a service. Ferindo -- Ferindo Middleton Chief Architect Sleekcollar.com
В списке pgsql-sql по дате отправления: