From: | Kevin Grittner <kgrittn(at)ymail(dot)com> |
---|---|
To: | Thom Brown <thom(at)linux(dot)com>, Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | Simon Riggs <simon(at)2ndquadrant(dot)com>, Damian Wolgast <damian(dot)wolgast(at)si-co(dot)net>, Heikki Linnakangas <hlinnakangas(at)vmware(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Column Redaction |
Date: | 2014-10-10 18:03:13 |
Message-ID: | 1412964193.25454.YahooMailNeo@web122305.mail.ne1.yahoo.com |
Lists: | pgsql-hackers |

Thom Brown <thom(at)linux(dot)com> wrote:
> On 10 October 2014 15:56, Stephen Frost <sfrost(at)snowman(dot)net> wrote:
>> Thom Brown (thom(at)linux(dot)com) wrote:
>>> Data such as plain credit card numbers stored in a
>>> column, even with all its data masked, would be easy to determine.
>>
>> I'm not as convinced of that as you are.. Though I'll point out that in
>> the use-cases which I've been talking to users about, it isn't credit
>> cards under discussion.
>
> I think credit card numbers are a good example.

I'm not so sure. Aren't credit card numbers generally required by
law to be stored in an encrypted form?

> If we're talking
> about format functions here, there has to be something in addition to
> that which determines permitted comparison operations. If not, and we
> were going to remove all but = operations, we'd effectively cripple
> the functionality of anything that's been formatted that wasn't
> intended as a security measure. It almost sounds like an extension to
> domains rather than column-level functionality.

I have to say that my first thought was that format functions
associated with types with domain override would be a very nice
capability. But I don't see where that has much to do with
security. I have seen many places where redaction is necessary
(and in fact done), but I don't see how that could be addressed by
what Simon is proposing. Perhaps I'm missing something; if so, a
more concrete exposition of a use case might allow things to
"click".

--
Kevin Grittner
EDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company