Thread: Re: Smart card connection pgAdmin/PostgreSQL
Le mercredi 17 mars 2010 à 13:13 +0000, Dave Page a écrit :
> I assume
> it's possible to store an SSL private key on them for authentication
> against a remote server?
Yes, this is the basic feature.
It is also possible to use the smartcard chip to make crypto operations,
thus offering superior decryption/encryption security.
At no moment, the private keys leave the key. Thus there is very little
possibility to steal secrets. Even on a compromised computer, the
secrets cannot be stolen. To connect, you need a smart card and the PIN
code.
Also, you may think of server-side data encryption, where tables are
encrypted.
In some companies, data are considered like the heart of the activity.
In these business it may be valuable to use smart cards.
Kind regards,
Jean-Michel
--
Jean-Michel Pouré - jmpoure@gooze.eu
2010/3/17 Jean-Michel Pouré - GOOZE <jmpoure@gooze.eu>: > Le mercredi 17 mars 2010 à 13:13 +0000, Dave Page a écrit : >> I assume >> it's possible to store an SSL private key on them for authentication >> against a remote server? > > Yes, this is the basic feature. > > It is also possible to use the smartcard chip to make crypto operations, > thus offering superior decryption/encryption security. > > At no moment, the private keys leave the key. Thus there is very little > possibility to steal secrets. Even on a compromised computer, the > secrets cannot be stolen. To connect, you need a smart card and the PIN > code. > > Also, you may think of server-side data encryption, where tables are > encrypted. > > In some companies, data are considered like the heart of the activity. > In these business it may be valuable to use smart cards. Cool - thanks. It's interesting tech, though whether I'll have time to look into it myself at the moment isn't clear unfortunately. -- Dave Page EnterpriseDB UK: http://www.enterprisedb.com PG East Conference: http://www.enterprisedb.com/community/nav-pg-east-2010.do