On 3/29/07, nhrcommu@rochester.rr.com <nhrcommu@rochester.rr.com> wrote:
>
> > On Thu, Mar 29, 2007 at 01:56:34PM +0530, Sandeep Agarwal wrote:
> > > i am new to postgres and am puzzled how to solve the untrusted
> > admin
> > > problem.
> > >
> > > i am having very sensitive data (accounts and payroll) on postgresql
> > > server. the goal i want to achive is that even the sys.
> > admin/database> admin. should be able to read the data. i
> > understand that the solution
> > > lies in encrypting the fields.
>
> Sandeep,
> Please do not take affront if I am reading way too much into your
> question, but if the following scenario is true:
> 1) It is a web application with the server colocated in the US
> 2) You are the developer AND admin and are not in the US
>
> If so, you obviously trust yourself -- the problem is that customers or
> prospective customers will possibly (likely) be hesitant to use your
> service, particularly when SSN's, names and employee addresses are involved.
>
> If my conjecture is true, then you may want to rephrase your question.
> Different suggestions may result.
yes you are correct. the servers are colocated in the US and we are
working from India.
> If I am 'off base', please disregard.
>
> Thanks,
> Mike Ellsworth
>