Thread: Encrypting a single column
Hi people, We need to encrypt an individual column in a table. I've noticed that pgcrypto can do this. However we have one problem, our software runs through a closed source "connectivity kit" that allows it to use a postgres dbms, so our programs cant sent an individual sql statement to give the password. The column we want to encrypt is used in thousands of programs so it's hard for us to change all the programs to encrypt / decrypt the column Can anyone see any way around this? __________________________________________________________ Sent from Yahoo! Mail - a smarter inbox http://uk.mail.yahoo.com
I guess a simpler way to say this is; is there a way we can make a column in postgres to be encrypted but entirely transparent to the user? Could we do this with phgcrypto + some form of trigger or view etc? --- Glyn Astill <glynastill@yahoo.co.uk> wrote: > Hi people, > > We need to encrypt an individual column in a table. I've noticed > that > pgcrypto can do this. > > However we have one problem, our software runs through a closed > source "connectivity kit" that allows it to use a postgres dbms, so > our programs cant sent an individual sql statement to give the > password. > > The column we want to encrypt is used in thousands of programs so > it's hard for us to change all the programs to encrypt / decrypt > the > column > > Can anyone see any way around this? > > > __________________________________________________________ > Sent from Yahoo! Mail - a smarter inbox http://uk.mail.yahoo.com > > > > ---------------------------(end of > broadcast)--------------------------- > TIP 1: if posting/reading through Usenet, please send an > appropriate > subscribe-nomail command to majordomo@postgresql.org so that > your > message can get through to the mailing list cleanly > Glyn Astill __________________________________________________________ Sent from Yahoo! Mail - a smarter inbox http://uk.mail.yahoo.com
>>> On Fri, Dec 14, 2007 at 10:30 AM, in message <659515.22036.qm@web25809.mail.ukl.yahoo.com>, Glyn Astill <glynastill@yahoo.co.uk> wrote: > We need to encrypt an individual column in a table. I've noticed that > pgcrypto can do this. > > However we have one problem, our software runs through a closed > source "connectivity kit" that allows it to use a postgres dbms, so > our programs cant sent an individual sql statement to give the > password. I assume that you're trying to protect against a backup of the database falling into the wrong hands? If so, your connectivity layer should be doing the work. Get the vendor to support what you need or replace the layer with something which has better support (or that you can support yourselves). Any solution which includes what's necessary for decryption in the dump will not really be much of a solution. If you're trying to protect against something else, please clarify. -Kevin
On Fri, Dec 14, 2007 at 11:54:58AM -0600, Kevin Grittner wrote: > > We need to encrypt an individual column in a table. I've noticed that > > pgcrypto can do this. > > > > However we have one problem, our software runs through a closed > > source "connectivity kit" that allows it to use a postgres dbms, so > > our programs cant sent an individual sql statement to give the > > password. > > I assume that you're trying to protect against a backup of the > database falling into the wrong hands? If so, your connectivity > layer should be doing the work. I think, he should go for encrypted backup instead if that's what he wants to accomplish. > If you're trying to protect against something else, please clarify. +1 Bye, Tino. -- www.craniosacralzentrum.de www.lebensraum11.de www.spiritualdesign-chemnitz.de Tino Schwarze * Parkstraße 17h * 09120 Chemnitz