| From: | Bill Moran <wmoran(at)potentialtech(dot)com> |
|---|---|
| To: | Thomas Kellerer <spam_eater(at)gmx(dot)net> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Looking for advice on database encryption |
| Date: | 2009-04-16 20:20:25 |
| Message-ID: | 20090416162025.6c5e346d.wmoran@potentialtech.com |
| Lists: | pgsql-general |
In response to Thomas Kellerer <spam_eater(at)gmx(dot)net>:
> Bill Moran wrote on 16.04.2009 21:40:
> > The goal here is that if we're going to encrypt the data, it should
> > be encrypted in such a way that if an attacker gets ahold of a dump
> > of the database, they still can't access the data without the
> > passphrases of the individuals who entered the data.
>
> I'm by far not an expert, but my naive attempt would be to store the
> database files in an encrypted filesystem.

That was the first suggestion when we started brainstorming ideas.
Unfortunately, it fails to protect us from the most likely attack
vector: SQL Injection/application layer bugs. In an SQL Injection
(for example) the fact that the filesystem is encrypted does zero
to protect the sensitive data.
--
Bill Moran
http://www.potentialtech.com
http://people.collaborativefusion.com/~wmoran/
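
As an added illustration of the distinction drawn in this message (not part of the original e-mail or thread), the sketch below encrypts a column with a passphrase that only the entering user supplies, so a query through the running server returns ciphertext whether or not the filesystem is encrypted. Using PostgreSQL's pgcrypto extension is an assumption, and the table, column names and values are constructed.

```sql
-- Added example: constructed schema and values, pgcrypto assumed to be installed.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE patient_note (
    id         serial PRIMARY KEY,
    entered_by text   NOT NULL,
    note_enc   bytea  NOT NULL   -- OpenPGP symmetric ciphertext, never plaintext
);

-- The application passes the entering user's passphrase as a bound parameter.
-- It is not stored in the database.
PREPARE add_note(text, text, text) AS
    INSERT INTO patient_note (entered_by, note_enc)
    VALUES ($1, pgp_sym_encrypt($2, $3));

EXECUTE add_note('alice', 'constructed sensitive note', 'constructed-passphrase-alice');

-- Any query that reaches this table without the passphrase, including one
-- issued through an application-layer bug, sees only the stored ciphertext.
-- A dump of the table contains the same bytes.
SELECT id, entered_by, encode(note_enc, 'base64') AS stored
FROM patient_note;

-- Reading the note requires the passphrase of the user who entered it.
PREPARE read_note(text, text) AS
    SELECT id, pgp_sym_decrypt(note_enc, $2) AS note
    FROM patient_note
    WHERE entered_by = $1;

EXECUTE read_note('alice', 'constructed-passphrase-alice');

-- With a wrong passphrase, pgp_sym_decrypt raises an error instead of
-- returning the note.

-- Limits of this approach: pgcrypto runs inside the server, so the passphrase
-- and the plaintext cross the client connection and exist in server memory
-- while the statement runs. Use TLS for the connection and keep statement
-- logging from recording bound parameter values.
```

By contrast, with only an encrypted filesystem the server decrypts pages transparently, so the same `SELECT` against a plain `text` column would return the note itself.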