• Developer Zone
• Lists Home
• FAQ

I have some doubts on how to secure a MySQL database (MyISAM & InnoDb) 
against people who have physical access to the machine. Here are a few 
scenarios.

1) Let's say I want to use MySQL with my vertical market software but I 
don't want the customer to have access to my data outside of my 
application. I also don't want him to have access to my schema or be able 
to unload the data from the database. If the database is running on the 
customer's machine, he has root access and therefore can get the passwords 
and do anything he wants. My competitor could easily buy the software under 
an assumed name or get a copy from a mutual customer, and then be able to 
reverse engineer my database.

2) The database is installed at an ISP and contains valuable data. Someone 
at the ISP could make some easy money if he could unload the data or the 
schema and sell it to my competitor. Heck, my competitor could even open an 
account with the ISP to add some pressure or incentive to the night staff 
to make a few bucks on the side. If the database was on a virtual server, 
he could probably hack into the database without any help from the night 
staff. The problem is I would never know this has happened.

3) Someone breaks into my office and makes off with my database server. If 
the server is running Win2k, it is pretty easy to circumvent the 
administrator passwords in just a few minutes whether it is encrypted by 
the OS or not.

I could encrypt certain table fields, but this will make writing the front 
end a pain because all SQL statements will now need to be changed any time 
a new column is encrypted. I also don't know how encrypting index fields 
and large memo's are going to affect performance.

Is there a transparent solution that will solve these problems? TIA

Mike