Re: [PHP] Secure DB Systems - How to - Mailing list pgsql-sql
From | Sarah Tanembaum |
---|---|
Subject | Re: [PHP] Secure DB Systems - How to |
Date | |
Msg-id | ccuv7a$die$1@sea.gmane.org |
In response to | Re: [PHP] Secure DB Systems - How to (Bruno Wolff III <bruno@wolff.to>) |
List | pgsql-sql |
Thanks Bruno. I see the potential challenge. If the field value is encrypted, how can a search be done for a certain value? Do I have to search for the encrypted value? If so, what password or key should I use?

Thanks

"Bruno Wolff III" <bruno@wolff.to> wrote in message news:20040709152722.GA20935@wolff.to...
> On Thu, Jul 08, 2004 at 11:49:36 -0400,
> Sarah Tanembaum <sarahtanembaum@yahoo.com> wrote:
> > I was wondering if it is possible to create a secure database system
> > using PostgreSQL/PHP combination?
> >
> > I have the following in mind:
> >
> > I wanted to store all my (and my brothers and sisters) important document
> > information such as birth certificate, SSN, passport number, travel
> > documents, insurance (car, home, etc) document, and other important documents
> > imagined in the database.
> >
> > The data will be entered either manually and/or scanned (with OCR). I need to
> > be able to search on all the fields in the database.
> >
> > We have 10 computers (5 bros, 4 sisters, and myself) plus 1 server which I
> > maintain. The data should be synchronized/replicated between those
> > computers.
> >
> > Well, so far it is easy, isn't it?
> >
> > Here's my question:
> >
> > a) How can I make sure that it is secure so only an authorized person can
> > modify/add/delete the information? Besides transaction logs, are there any
> > other methods to trace any transaction (kind of paper trail)?
>
> Keeping the system administrator from seeing the data while making it
> searchable is difficult. To do this you need to encrypt the data on
> the client side using a key the client has (and this key has to be
> protected from loss) and the only searches you can do are equality
> searches using a hash or encrypted value.
>
> The system administrator can always delete the data.
>
> If you store which user has access to a row in the row, you can use views
> to control access to the rows for people other than the system administrator.
>
> > b) How can I make sure that no one can tap the info while we are entering
> > the data in the computer? (our family are scattered within US and Canada)
>
> Use SSL.
>
> > c) Is it possible to securely synchronize/replicate between our computers
> > using VPN? Does PostgreSQL have this functionality by default?
>
> Probably the best thing here is to run one live server and make backups
> of the system that you store at your relatives along with instructions
> for recovering them if something happens to you. Probably the backups
> should be encrypted with either the keys in your safe deposit box or
> using a system where something like 3 out of 5 keys can be used to recover
> the backup files. Be sure to test the backup recovery.
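
Added example, not part of the original messages: one way to implement the client-side encryption with hash-based equality search described in the quoted reply, using a keyed hash (HMAC-SHA256) as the searchable column next to the encrypted value. It assumes PHP 7.2+ with the sodium and pdo_sqlite extensions; in-memory SQLite stands in for PostgreSQL, and the `documents` table, its columns, the function names and the sample passport numbers are constructed for illustration.

```php
<?php
// Added example. Assumes PHP 7.2+ with the sodium and pdo_sqlite extensions; in-memory
// SQLite stands in for PostgreSQL; table, column names and sample values are constructed.

// Both keys stay on the client. If they are lost, the stored data cannot be recovered.
$encKey = sodium_crypto_secretbox_keygen(); // encrypts field values
$idxKey = random_bytes(32);                 // separate key for the search tokens

function blindIndex(string $value, string $idxKey): string {
    // Canonicalise first: equality search only matches byte-identical input.
    $canonical = strtoupper(preg_replace('/[\s-]+/', '', $value));
    // Keyed hash: same value gives the same token, which is useless without the key.
    return hash_hmac('sha256', $canonical, $idxKey);
}

function encryptField(string $value, string $encKey): string {
    // Fresh random nonce per value, so equal plaintexts give different ciphertexts.
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return bin2hex($nonce . sodium_crypto_secretbox($value, $nonce, $encKey));
}

function decryptField(string $hex, string $encKey): string {
    $raw = hex2bin($hex);
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open($box, $nonce, $encKey);
    if ($plain === false) {
        throw new RuntimeException('ciphertext was modified or the key is wrong');
    }
    return $plain;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE documents (owner TEXT, passport_enc TEXT, passport_idx TEXT)');
$db->exec('CREATE INDEX documents_passport_idx ON documents (passport_idx)');

$insert = $db->prepare('INSERT INTO documents VALUES (?, ?, ?)');
foreach ([['sarah', 'X1234567'], ['brother1', 'Y7654321']] as [$owner, $passport]) {
    $insert->execute([$owner, encryptField($passport, $encKey), blindIndex($passport, $idxKey)]);
}

// Search: the client hashes the term with its key; the server only compares tokens.
$find = $db->prepare('SELECT owner, passport_enc FROM documents WHERE passport_idx = ?');
$find->execute([blindIndex('x123-4567', $idxKey)]);
foreach ($find->fetchAll(PDO::FETCH_ASSOC) as $row) {
    echo $row['owner'], ': ', decryptField($row['passport_enc'], $encKey), "\n";
}
```

The server never sees a key or a plaintext, but it can still tell which rows share the same index token, and only exact matches work: prefix, range or substring searches are not possible with this scheme.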