pakt sardines wrote: > ...the big issue for us is > that the data in the databases has significant intellectual property > value. It has taken literally years of work to collect the data. We do > not want the users of the commercial product to be able to fire up > postgres and type something like: user]% pg_dump their_data > our_product That seems more like a legal question than a technical one. The first thing that comes to mind is a lawyer to review your license agreements, contracts, and NDAs with your customers. Perhaps a contract giving you rights to audit their facilities in the extreme cases. > Additionally, we don't want to have to encrypt every entry in the > database, because that will cause significant overhead during processing. That's unlikely to work anyway. Organizations protecting valuable data using technical approaches (DVDs, etc) find it gets out anyway. Since you'll ship a client that can decrypt the data anyway, anyone with a debugger could decrypt it (unless you only want it to run on Trusted computing platform / palladium computers). > My question is, what options do we have? I'd say that many of the more successful companies that sell products with valuable data (geospatial data vendors; market research companies) use the legal options rather than the technical ones. > Can postgres store data as > some sort of unreadable binary, much like you would find in a C binary > data file? Huh? > If not postgres, what other database could possibly do this, if any? I > really don't want to have to write our own RDBMS. :) Doesn't seem much like a database question. I'd say ask on some trusted computing (google Trusted Computing) list if you want a technical solution or a lawyer if you want a legal one. > Thanks in advance for any advice or suggestions on this subject,
