Обсуждение: Restricting administrator's DB access
Hello, I need to store the sensitive data in the database and would want to allow the data retrieval/modification only through the application. So even the administrator of the DB should NOT be allowed to update the data directly. Also this restriction will only be applicable to few tables of the database. Is it doable by granting the restricted permissions? Else another option would be to store the encrypted data but it would have a performance hit. I am planning to use PostgreSQL and Oracle. Any pointers/suggestions would be much appreciated. Thanks Ankur -- View this message in context: http://www.nabble.com/Restricting-administrator%27s-DB-access-tp24218718p24218718.html Sent from the PostgreSQL - admin mailing list archive at Nabble.com.
Hi Ankur, > Is it doable by granting the restricted permissions? > No. > Else another option would be to store the encrypted data but it would have a > performance hit. > Yes. That is your choice: either security or performance. > Any pointers/suggestions would be much appreciated. > http://www.postgresql.org/docs/8.3/static/pgcrypto.html Cheers, Mike