Re: Database level encryption - Mailing list pgsql-admin

From Timothy Madden
Subject Re: Database level encryption
Date
Msg-id g2x5078d8af1004060759t1f6e0070u288201c87f925ca2@mail.gmail.com
Whole thread Raw
In response to Re: Database level encryption  ("Kevin Grittner" <Kevin.Grittner@wicourts.gov>)
Responses Re: Database level encryption
List pgsql-admin
The machine does not have internet and it will not be trivial for the
bad guy to install anything there.

And my idea is exactly that the database is inaccessible, even if the
server starts. Unless the password is provided upon connecting or
selecting the database. You can think of it as if all columns in all
tables are ecrypted (although I would like even the number and names
of tables and schema-objects to be encrypted).

On Tue, Apr 6, 2010 at 5:36 PM, Kevin Grittner
<Kevin.Grittner@wicourts.gov> wrote:
> Timothy Madden <terminatorul@gmail.com> wrote:
>
>> With an encrypted database, you need the password anytime you
>> connect, even if another application already has an open
>> connection.
>
> How is the database server supposed to start up and become ready to
> accept connections without reading the database?
>
> Also, as previously mentioned, if a bad guy gets hold of the machine
> while running, what prevents them from installing a daemon to record
> and transmit keystrokes after they copy the encrypted data?
>
> Perhaps an encrypted drive for the database data combined with an
> aggressive lockup policy for an idle machine would work?
>
> -Kevin
>

pgsql-admin by date:

Previous
From: "Kevin Grittner"
Date:
Subject: Re: Database level encryption
Next
From: "Melissa Peterson"
Date:
Subject: Re: Database level encryption