Postgres Pro
Downloads
Home   >   mailing lists

Re: Hiding data in postgresql - Mailing list pgsql-general

From Hector Beyers
Subject Re: Hiding data in postgresql
Date
Msg-id AANLkTiknwlRzII_5if-6soGPXAP-qefLQYBFJeiSsKjw@mail.gmail.com
Whole thread Raw
In response to Re: Hiding data in postgresql  (Merlin Moncure <mmoncure@gmail.com>)
Responses Re: Hiding data in postgresql  (Justin Graf <justin@magwerks.com>)
List pgsql-general
Tree view

No, I have not considered encrypting or decrypting data. The reason for this is that I am trying to secure a database by thinking like a malicious user / criminal. I want to hide (for example) fraudulent data on a database where it is not easily seen by others and then build a tool to detect this hidden data. 

On your questions:

*) What data is to remain secret?
*) Who is allowed to see the secret data?
*) When do they see it?
*) What sacrifices are you willing to make to keep the data secret?
*) Where are you going to store the key?

the answers:
  • fraudulent data / or data that needs to be hidden.
  • only the malicious user - and hopefully later a detection mechanism that I aim to build.
  • I don't really have a preference on when they can see the data, but maybe when you export a dump. 
  • The main purpose of hiding the data is that the normal users of the database will not easily find the hidden data. If this criteria is met, then any other sacrifices can be made. 
  • Still need to figure that one out. 

Any good brainstorming ideas will help!



On Mon, May 24, 2010 at 11:04 PM, Merlin Moncure <mmoncure@gmail.com> wrote:
On Mon, May 24, 2010 at 3:16 PM, Hector Beyers <hqbeyers@gmail.com> wrote:
>
> Hi guys,
> does ANYONE have any tips on hiding data on a database server? This means
> that data is stored in places that is not necessarily picked up in the
> schema of the database. I am doing some research on databases and need some
> direction.
> Any help or direction will be highly appreciated.

First question: Have you considered 1. encrypting data when you put it
in the database and 2. decrypting it when you pull it out?

Let me humbly state that the #1 problem that beginners face with
security and encryption is focusing too much on the mechanics and not
enough on the 'big picture' issues:

*) What data is to remain secret?
*) Who is allowed to see the secret data?
*) When do they see it?
*) What sacrifices are you willing to make to keep the data secret?
*) Where are you going to store the key?

Answers to those questions should get you more helpful answers.
Postgres has a lot of features to hide data, some obvious (pgcrypto,
grant/revoke) and some not so obvious (revoking permissions from
pg_proc).  Judging from your question you may be interested in some
extra-special techniques...please be more specific!

merlin

pgsql-general by date:

Previous
From: Dennis Gearon
Date:
Subject: Re: timestamp configuration
Next
From: Malm Paul
Date:
Subject: uppdate from postgersql 8.3.7 to 8.4.4