Re: Database Encryption (now required by law in Italy)

Поиск
Список
Период
Сортировка
От Matt Clark
Тема Re: Database Encryption (now required by law in Italy)
Дата
Msg-id OAEAKHEHCMLBLIDGAFELIEKOEOAA.matt@ymogen.net
обсуждение исходный текст
Ответ на Re: Database Encryption (now required by law in Italy)  (Dave Ewart <Dave.Ewart@cancer.org.uk>)
Ответы Re: Database Encryption (now required by law in Italy)  (Radu-Adrian Popescu <radu.popescu@aldratech.com>)
Re: Database Encryption (now required by law in Italy)  (Dave Ewart <Dave.Ewart@cancer.org.uk>)
Re: Database Encryption (now required by law in Italy)  (Silvana Di Martino <silvanadimartino@tin.it>)
Список pgsql-admin
> What's wrong with using a LoopAES filesystem?  It protects against
> someone walking off with the server, or at least the hard disk, and
> being able to see the data.

Yes, but only if the password has to entered manually [1] at boot time.
And it gives zero protection against someone who gains root access to the
server.

So you _also_ have to encrypt the sensitive data before giving it to the
DB, using a key that is not stored on the DB server.

Of course that means your app servers have to have _those_ passwords/
keys entered manually at boot time, or else someone who roots them can
read your sensitive data quite trivially.

And to do any better than that you need one of those very snazzy cards
from nCipher or whoever, that allow you to process encrypted data in a
hardware sandbox so even your application doesn't see it, or at least
only allow signed code to manipulate the data.


Matt

[1] There are ways of avoiding having to enter the info manually, but
    they're very tricky to implement securely.


В списке pgsql-admin по дате отправления:

Предыдущее
От: Dave Ewart
Дата:
Сообщение: Re: Database Encryption (now required by law in Italy)
Следующее
От: Sergio Chaves
Дата:
Сообщение: Re: Database Encryption (now required by law in Italy)