Home > mailing lists

Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres - Mailing list pgsql-hackers

From	Douglas McNaught
Subject	Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres
Date	March 30, 2008 22:04:25
Msg-id	5ded07e00803301437n28abb52ay38ad5cf1653bd726@mail.gmail.com Whole thread Raw
In response to	Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

On Sun, Mar 30, 2008 at 4:36 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> sanjay sharma <sanksh@hotmail.com> writes:
>  > 1. Transparent Data Encryption: The column which needs to be stored in encrypted form can be specified through
DDL.The encryption key can be stored in a  secure file accessible through a pass phrase. That particular column would
apperin encrypted form for all users except the users specified through a grant to see the data in decrypted form.
 
>
>  Exactly what threat do you see this protecting against, that wouldn't be
>  better solved by SQL-standard features like column-level access
>  permissions?

Yes.  And if you're concerned about people getting access to the raw
data files, put $PGDATA on an encrypted partition.

-Doug

pgsql-hackers by date:

From: Tom Lane
Date: 30 March 2008, 21:34:28
Subject: Re: [GENERAL] Connection to PostgreSQL Using Certificate: Wrong Permissions on Private Key File

From: "Jonah H. Harris"
Date: 30 March 2008, 23:10:50
Subject: Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres

Re: Submission of Feature Request : RFC- for Implementing Transparent Data Encryption in Postgres - Mailing list pgsql-hackers

Previous

Next