I have a large project coming up which has a slightly strange request on the table. The project is a custom accounting/management system, with a CGI interface and RDBMS back-end as one would expect.
The chap I'm writing this for is somewhat paranoid (Having worked for a PKI/digital certificate company) and wants me to be able to split, or rather replicate, only part of the database for customer manipulation.

It works like this:
The management system is naturally all accessable by the Administrator. However parts are accessable by customers, so they are able to set up their own accounts if they choose to.
Instead of having some reasonably simple set of CGIs with, if you'll pardon the over-dramatic phrasing, security clearance checks to see who is an Administrator, and who can only access their own personal information, The Man wants something quite different.
He wants to have the entire database and software on one server, and then have PART of the database replicated in a second database on a second server with only a subset of the management CGIs. This second server's DB will only contain information about the users and none of the accounting information, and the CGIs will only be able to modify the users accounts accordingly.

I understand his wants to separate the accounting system out to make it more "secure" - and I can work out a basic system of dualled CGIs and various replicated DB tables... But I'm not sure its the best way to deal with this problem.

What does the Monk population think?

Cheers,
JP

-- Alexander Widdlemouse undid his bellybutton and his bum dropped off --