Re: Database Encryption (now required by law in Italy)

From: Mitch Pirtle <mitchy(at)spacemonkeylabs(dot)com>
To: pgsql-admin(at)postgresql(dot)org
Subject: Re: Database Encryption (now required by law in Italy)
Date: 2004-03-05 13:53:04
Message-ID: 40488640.1040409@spacemonkeylabs.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

Dave Ewart wrote:

> If you find any 'automated' front-end to do this at the database-level,
> rather than something like loopback at the filesystem level or at the
> field level for specific fields, I think there would be a lot of
> interest.

But that is the problem, isn't it? Any 'automated'
encryption/decryption will be just as useful to the would-be perpetrator
of data theft. This is like having an automatic alarm system on your
car that works for anyone that walks up to it.

The same logic applies to encrypting the data in the database -
somewhere on your server the application has to know how to decrypt it,
and that means anyone that gains access to your server will have that
ability also...

I understand (and demand) requiring SSL connections for database
clients, and MD5 hashing of passwords before storing in the database,
but implementing two-way encryption of database data just doesn't make
sense to me.

-- Mitch

In response to

Responses

Browse pgsql-admin by date

  From Date Subject
Next Message Mark Gibson 2004-03-05 13:53:39 Re: Database Encryption (now required by law in Italy)
Previous Message Grega Bremec 2004-03-05 13:47:53 Re: Database Encryption (now required by law in Italy)