| From: | Olivier Boissard <olivier(dot)boissard(at)cerene(dot)fr> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Michael Fuhr <mike(at)fuhr(dot)org>, Andrew Sullivan <ajs(at)crankycanuck(dot)ca>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: database encryption |
| Date: | 2007-02-09 08:03:20 |
| Message-ID: | 45CC2AC8.5020005@cerene.fr |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Bruce Momjian a écrit :
> Michael Fuhr wrote:
>
>> On Thu, Feb 08, 2007 at 09:13:48AM +0100, Olivier Boissard wrote:
>>
>>> I was thinking about a system in which only the php programs will be
>>> able to manage stored informations. In case of theft or unexpected
>>> access to servers nobody could be able to retrieve the stored data
>>> without the authorized key.
>>>
>> What about theft or compromise of the server running the PHP code?
>> In general it's a good idea to encrypt and decrypt as close to where
>> the cleartext is needed to limit exposure, but you should also
>> consider the vulnerability of the system that holds the key. For
>> some applications it might make sense to use public-key encryption
>> with the exposed (e.g., Internet-facing) server having only the
>> public (encryption) key and a more protected backend server having
>> the corresponding private (decryption) key.
>>
>> Without knowing the requirements and the threat model it's impossible
>> to suggest a suitable solution. Can you be more specific about what
>> you're trying to do?
>>
>
> We do have an encryption section in our documentation:
>
> http://www.postgresql.org/docs/8.2/static/encryption-options.html
>
>
>
Thanks for responses.
I expose the context of my question :
I need to install a server for a specific web application written in PHP.
This one works by making queries to a postgresql database. The database
contains confidential data.
For several reasons the server will be installed inside the Local
network of our client. I will not be able to supervise and control it.
As it's a fussy situation I am thinking about encryption.
I was thinking about PHP encryption solution (Zend or Ioncube) for the
web application protection.
But sensitive data must be protected too.
Pgcrypto seemed to be the encryption solution but I am not sure it's a
good idea because all keys will be located on server ( if I have well
understood) and the documention explain that the data will appear on
"clear text" for a short period.
Olivier
| Attachment | Content-Type | Size |
|---|---|---|
| olivier.boissard.vcf | text/x-vcard | 241 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruno Wolff III | 2007-02-09 16:28:27 | Re: database encryption |
| Previous Message | Peter Koczan | 2007-02-09 03:08:03 | Re: Question on Fragmentations |