Protect KML file from downloading or accessing

Question

I am trying to protect my KML file, from being downloaded or its data extracted easily. All I want is the file to be viewed in google maps or google earth, but no one is allowed to download it or extract the data "easily" (the kml file isnt going to be available publicly). My kml files are a result of deep and exclusive analysis that is a signature I want to hide from competitors.

Also are there any alternatives to convert kml to a format that data cant be obtained easily from it. My KML files have polygons in 3D.

I understand the concept of everything that can be seen can be downloaded or extracted somehow,

Answer 1

I have 4 answers or 0 answers, depending on your project.

1. Using Google Maps Api for Business (~ 10.000$ per year) you can generate a Client ID and use that to protect a Fusion Table (can create in Google Drive) where you can import your KML and which you then can display using the Google Maps Api. It would be the perfect solution, but without Google Maps Api for Business your Fusion Table is not protected and so anybody can access it in Google Drive and view and copy-paste the Kml representation of the polygons.

2. Using Google Maps Engine (/Lite) you can import your Kml to Google as well (if you use Lite then you first need to import to Google "My Maps" and from within Google Maps Engine Lite you can then import from "My Maps"). I don't know the pricing for non-lite. A Google Maps Engine Map can be shared so its only viewable and in this only viewable version I have not found a way to download or view the raw-kml-data which would be what we want. Sounds all good, but you are limited to 3 layers in Maps Engine Lite and I have not found a way to import all my polygons (districts in my case) into one layer at once. I can only import them bit by bit as it seems (managed to import 10 polygons with a total of 353 Points into one layer). Each import results in one layer, can't move stuff from one layer to another and for some reason there are some polygons that I can't seem to import. Edit:
   I can import all polygons, one polygon (due to algorithmic simplification of my polygons) got an intersection (line crossing) and as soon as I fixed that part the import didn't throw any errors anymore, but I see now that I can only embed that map using an iframe having the legend included as well, so this solution is nothing for me.

3. Restrict access to a KML on your server to Google servers only using a white list of Google Maps servers which might request your KML. Problem: can't find such a list online... must collect in some way first.

4. Also there are blog entries Protecting KML Files from general public access in Google Maps and Protect KML / KMZ Files from Unauthorized Access Using Cryptography

Answer 2

Your question is based on a fallacy of computer security known as "security through obscurity". The fallacy is this. You say you don't want it downloaded "easily." You can make it hard, but as long as its possible as soon as one person figures it out they write a script to do it automatically and its then "easy." There is no answer to your question because it is impossible. Any content you make available is pirateable, and any data is reconstructable.

Answer 3

Why not just save the kml file(s) and cut/paste onto a password encrypted usb drive, like Kingston or Kanguru defender. Then just open the kml from your usb disk.

Answer 4

you can check the $_SERVER["HTTP_USER_AGENT"] variable and if is from google then generate the kml from php.

$agent = "Kml-Google";
$google = strpos($_SERVER["HTTP_USER_AGENT"], $agent);
($google !== FALSE) or die;
header('Content-Type: application/vnd.google-earth.kml+xml kml');
header('Content-Disposition: attachment; filename="otras.kml"');
?>
<?xml version="1.0" encoding="UTF-8"?>
<kml xml ...