Re: database encryption

From Olivier Boissard
Subject Re: database encryption
Date
Msg-id 45CC2AC8.5020005@cerene.fr
In reply to Re: database encryption  (Bruce Momjian <bruce@momjian.us>)
Responses Re: database encryption  (Bruno Wolff III <bruno@wolff.to>)
List pgsql-admin
Bruce Momjian wrote:
> Michael Fuhr wrote:
>
>> On Thu, Feb 08, 2007 at 09:13:48AM +0100, Olivier Boissard wrote:
>>
>>> I was thinking about a system in which only the php programs will be
>>> able to manage stored information. In case of theft or unexpected
>>> access to servers nobody could be able to retrieve the stored data
>>> without the authorized key.
>>>
>> What about theft or compromise of the server running the PHP code?
>> In general it's a good idea to encrypt and decrypt as close to where
>> the cleartext is needed to limit exposure, but you should also
>> consider the vulnerability of the system that holds the key.  For
>> some applications it might make sense to use public-key encryption
>> with the exposed (e.g., Internet-facing) server having only the
>> public (encryption) key and a more protected backend server having
>> the corresponding private (decryption) key.
>>
>> Without knowing the requirements and the threat model it's impossible
>> to suggest a suitable solution.  Can you be more specific about what
>> you're trying to do?
>>
>
> We do have an encryption section in our documentation:
>
>     http://www.postgresql.org/docs/8.2/static/encryption-options.html
>
>
>
Thanks for the responses.
Let me explain the context of my question:

I need to install a server for a specific web application written in PHP.
This one works by making queries to a PostgreSQL database. The database
contains confidential data.
For several reasons the server will be installed inside the local
network of our client. I will not be able to supervise and control it.
As it's a fussy situation I am thinking about encryption.
I was thinking about a PHP encryption solution (Zend or Ioncube) for the
web application protection.
But sensitive data must be protected too.
Pgcrypto seemed to be the encryption solution but I am not sure it's a
good idea because all keys will be located on the server (if I have
understood correctly) and the documentation explains that the data will
appear in "clear text" for a short period.

Olivier
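
The split Michael Fuhr describes in the quoted reply (public key on the exposed server, private key only on a protected backend) can be sketched with pgcrypto's PGP functions. This is an added example, not code from the thread or from the PostgreSQL project; the table, function and variable names are hypothetical, and the key is a placeholder to be replaced with a real exported public key.

```sql
-- Added example; table and function names are hypothetical.
-- Assumes PostgreSQL 9.2 or later (CREATE EXTENSION, named parameters in
-- SQL functions); 8.2 loads pgcrypto from its contrib SQL script instead.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

-- The exposed server stores only the ASCII-armored PUBLIC key.
CREATE TABLE app_pubkey (
    id      integer PRIMARY KEY CHECK (id = 1),   -- single-row table
    armored text NOT NULL
);
-- Placeholder: replace with the output of `gpg -a --export KEYID`.
INSERT INTO app_pubkey VALUES (1, '<ARMORED PUBLIC KEY GOES HERE>');

CREATE TABLE confidential_record (
    id         serial PRIMARY KEY,
    created_at timestamptz NOT NULL DEFAULT now(),
    body_enc   bytea NOT NULL     -- OpenPGP message, no cleartext column
);

-- Encrypt on write using the public key only.
CREATE FUNCTION store_record(p_body text) RETURNS integer
LANGUAGE sql AS $$
    INSERT INTO confidential_record (body_enc)
    SELECT pgp_pub_encrypt(p_body, dearmor(k.armored))
    FROM app_pubkey AS k
    WHERE k.id = 1
    RETURNING id;
$$;

SELECT store_record('constructed sample value');

-- Reading back on the exposed server yields only ciphertext:
SELECT id, armor(body_enc) AS pgp_message FROM confidential_record;

-- Decryption happens on the protected backend, which alone holds the
-- private key. Either save pgp_message to a file and run
--   gpg --decrypt record.asc
-- there, or, in a database on that backend host (the psql variable
-- private_key is hypothetical and holds the armored private key):
--   SELECT pgp_pub_decrypt(body_enc, dearmor(:'private_key'))
--   FROM confidential_record;
```

The cleartext still reaches the database server inside the `store_record()` call, so this limits what a stolen disk or dump reveals, not what someone with live access to that server can observe.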

