Enterprise Postgres 18 Knowledge Data Management Feature User's Guide

5.4.3 Security

The access privileges for the data stored in the table of this feature are set automatically according to the privileges described in "5.2.5 Setting Privilege".

You can use PostgreSQL's security features for the data stored in the table of this feature. If you use transparent data encryption, place the database that uses this function in an encrypted tablespace. This is because the model file is saved in a system catalog called pg_largeobject.

If you want to restrict users who can use the model on a per-model basis, configure the inference server to allow access only from Fujitsu Enterprise Postgres. Specifically, enable mTLS authentication on the inference server and allow only the client certificate used by Fujitsu Enterprise Postgres.

Point

The model files created in the directory specified by the pgx_inference.triton_model_repository_path parameter during model loading are not protected by transparent data encryption. To reduce the risk of model file leakage, even if only slightly, specify a volatile temporary area such as tmpfs for the pgx_inference.triton_model_repository_path parameter, and promptly delete unnecessary model files yourself after use. If high confidentiality is required, consider encrypting the entire file system or disk.
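
The following shell functions are an added example, not part of the product documentation, for checking the two recommendations in the Point above: that the directory set in pgx_inference.triton_model_repository_path sits on a memory-backed file system, and that no model files linger there after use. The function names, the sample mount table and all paths in it are constructed for illustration.

```shell
#!/bin/sh
# Added example, not product code. All paths below are hypothetical.

# Constructed sample in /proc/mounts format:
# device, mount point, fstype, options, dump, pass.
SAMPLE_MOUNTS='/dev/sda2 / ext4 rw,relatime 0 0
/dev/sdb1 /var/lib/pgsql xfs rw,relatime 0 0
tmpfs /run tmpfs rw,nosuid,nodev 0 0
tmpfs /var/lib/pgsql/triton_models tmpfs rw,nosuid,nodev,noexec,mode=700 0 0'

# fstype_for_path PATH [MOUNTS_FILE]
# Prints the file system type of the deepest mount that contains PATH.
fstype_for_path() {
    _p="${1%/}"
    awk -v p="${_p:-/}" '
        {
            mp = $2
            # A mount contains the path if it is "/", equals the path,
            # or is a directory prefix of it ("/a/b" must not match "/a/bc").
            if (mp == "/" || p == mp || index(p, mp "/") == 1)
                # ">=" lets a later entry for the same mount point win.
                if (length(mp) >= best) { best = length(mp); fs = $3 }
        }
        END { if (fs == "") exit 1; print fs }
    ' "${2:-/proc/mounts}"
}

# is_volatile PATH [MOUNTS_FILE]
# Succeeds only when PATH is on tmpfs or ramfs. tmpfs pages can be
# written to swap, so swap should be encrypted or disabled as well.
is_volatile() {
    case "$(fstype_for_path "$1" "${2:-/proc/mounts}")" in
        tmpfs|ramfs) return 0 ;;
        *) return 1 ;;
    esac
}

# stale_model_files DIR MINUTES
# Lists files under DIR not modified in the last MINUTES minutes:
# candidates for the manual deletion the Point recommends.
stale_model_files() {
    find "$1" -type f -mmin "+$2"
}
```

On a live server, call `is_volatile` with the configured repository path and no second argument so that it reads /proc/mounts, and review the output of `stale_model_files` before deleting anything.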