On Tue, Jul 9, 2019 at 3:39 AM Tomas Vondra
<tomas.vondra@2ndquadrant.com> wrote:
>
> BTW how do you know this is what users want? Maybe they do, but then
> again - maybe they just see it as magic and don't realize the extra
> complexity (not just at the database level). In my experience users
> generally want more abstract things, like "Ensure data privacy in case
> media theft," or "protection against evil DBA".
>
I think that it's true that user generally want more abstract things
at system design stage so that's why I've been considering the
functionality of TDE based on security standards such PCI DSS. These
might have a high goal but would be good materials to define
requirements that user will want.
BTW I've created a wiki page[1] for TDE summarizing the discussion. I
will keep it up-to-date but please feel free to update it.
[1] https://wiki.postgresql.org/wiki/Transparent_Data_Encryption
Regards,
--
Masahiko Sawada
NIPPON TELEGRAPH AND TELEPHONE CORPORATION
NTT Open Source Software Center