Re: pgcrypto and database encryption

From: Bruno Wolff III <bruno(at)wolff(dot)to>
To: Silvana Di Martino <silvanadimartino(at)tin(dot)it>
Cc: Joe Conway <mail(at)joeconway(dot)com>, pgsql-admin(at)postgresql(dot)org
Subject: Re: pgcrypto and database encryption
Date: 2004-03-08 14:47:32
Message-ID: 20040308144732.GA7140@wolff.to
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

On Mon, Mar 08, 2004 at 08:37:37 +0000,
Silvana Di Martino <silvanadimartino(at)tin(dot)it> wrote:
> Alle 18:19, domenica 7 marzo 2004, Joe Conway ha scritto:
> > Silvana Di Martino wrote:
> > > 4) What could actually solve our problem is something like the following
> > > scenario. Imagine that postmaster (or pg_ctrl) could accept a new CL
> > > parameter called "pw". This parameter would contain a sequence of
> > > comma-separated databasename/encryption-password pairs. I mean, something
> > > like this:
> > >
> > > postmaster -i -pw=postnuke:"arriba!",phpnuke:"blade runner"
> >
> > But you mentioned earlier that the DBA cannot know the passwords, so who
> > is going to type all that in?
>
> Accordingly to law, a "authorized operator". A piece of paper transforms a
> generic user/sysadmin into a trusted person who can perform such operations
> (again, not our choice: law imposes it).

This sounds like the real solution to your problem. You should do what
you need to to make the system administrator an authorized user and
then use more practical security methods to secure the data.

In response to

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message Stephan Szabo 2004-03-08 15:08:06 Re: pgcrypto and database encryption
Previous Message Andrew Sullivan 2004-03-08 14:07:24 Re: HIPAA