Re: Database level encryption - Mailing list pgsql-admin

From Timothy Madden
Subject Re: Database level encryption
Date
Msg-id m2r5078d8af1004051330n1874e532u3c88fd1bc31c8697@mail.gmail.com
Whole thread Raw
In response to Re: Database level encryption  (Joe Conway <mail@joeconway.com>)
Responses Re: Database level encryption
List pgsql-admin
My scenario is how to protect the database if the machine is stolen
(it is a mini-laptop), and
I would like to encrypt the entire database, that is all columns of
all tables, and if possible
everything else found in the database.

I would like all searching and sorting functions, just like with a
normal database (that is,
transparent encryption for the application level). The password will
be entered by a human in
order to start the application. The application exits after three
unsuccessful attempts, but
nothing prevents the user to start the application again; the number
of failures is not counted.
However if the database could count that I would not mind. I want a
single password for
data access to the entire database, there is only one database user
involved anyway.

I do not  see the careful analysis required that you write about, I
would say I am asking for
SGBD support for database-level encryption.

Thank you,
Timothy Madden




On Sat, Apr 3, 2010 at 8:03 PM, Joe Conway <mail@joeconway.com> wrote:
> On 04/03/2010 06:35 AM, Timothy Madden wrote:
>> I can only see how PostgreSQL encrypts the password or the connection
>> in the documentation, and for the database I can see application-level
>> encryption with pgcrypto (and filesystem level encryption), How could
>> I get database level encryption in PostgreSQL ?
>
> This is an extremely broad question, and you have barely begun to
> provide enough information to answer it. For starters:
>
> 1. What is your threat scenario?
>   a) The physical machine is stolen
>   b) A database dump is stolen
>   c) Someone roots your system
>   d) Someone compromises your application, via SQL injection, etc
>
> 2. What data needs to be encrypted?
>   a) All columns of all tables
>   b) Selected columns of selected tables
>
> 3. Do you need to be able to search or sort on any of the encrypted
>   columns?
>
> 4. Is your password stored somewhere on the hardware, or is it entered
>   by a human every time the application starts?
>
> 5. Do you want a single password for all data access, or is the
>   encryption by user or some other segmentation?
>
> 6. Is brute-force cracking of the password a concern? Will your
>   application shut down repeated failed attempts?
>
> There is no magic bullet. This requires careful thought, analysis, and
> trade-offs.
>
> Joe
>
>

pgsql-admin by date:

Previous
From: Brad Nicholson
Date:
Subject: Re: Migrate postgres to newer hardware
Next
From: Scott Marlowe
Date:
Subject: Re: Database level encryption