How do I prevent my clients viewing my database definition when it is installed on their server?

Question

I want to give my database to the client to install on their server.

However, I want to deny the client rights to see the tables and stored procedures and also want to restrict that database to run from a single IP address.

How do I stop the user viewing the database tables even though database is present on their server?

We want to give the application to run on their own servers, but we don't want to show the tables and stored procedures. They are also not supposed to make any modifications to the database. Is this possible?

Perhaps can we encrypt database credentials in the web.config file?

Answer 1

Short Answer: you can't.

If the database is being run on the customer's infrastructure, then the customer must have control over their own infrastructure. Without it, they cannot operate.

If you really don't want them to have that control, then you cannot give them the database. This is the "Software-as-a-Service" Operating Model wherein you licence the application but don't get to play with the "back-end" of things.

I would suggest that this is not a Technical problem. It's a Licencing one.

I assume that the licence agreement for your software includes a provision that prevents any Customer from "Reverse Engineering" any part of your product. That clause should be extended to include your database.

Any "mucking about" with the database should invalidate [at least] your support agreement with that Customer. If they want to take that Risk, well, that's up to them.

Answer 2

Unless you control login privileges, you will not able to restrict them. So think like you have granted them only basic SELECT to see the table data. since you are not maintaining server, they can easily get admin privelages.maintenance stuff still should be taken by client and once backups are taken they can see schema, sp..

One way I can think of is enable auditing and log to with some drawbacks. whole point boils down to trust. We administer a 3rd party database around 600GB in size. Vendor made it clear, any changes should be done through us and support terms won't be applicable for things not done through us which causes app down. Since they have schema, they can easily compare it with changed ones.

Answer 3

Every database user belongs to the public database role. When a user has not been granted or denied specific permissions on a securable object, the user inherits the permissions granted to public on that object.

Therefore unless until you can grant any permission to users for their login they wont be able to access tables, however can only see the databases listed on the server:

You just need to make sure, role assigned should be PUBLIC on the user mapping option of Login properties dialog box for the selected databases.