From: | Hector Beyers <hqbeyers(at)gmail(dot)com> |
---|---|
To: | Merlin Moncure <mmoncure(at)gmail(dot)com> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: Hiding data in postgresql |
Date: | 2010-05-25 07:58:00 |
Message-ID: | AANLkTiknwlRzII_5if-6soGPXAP-qefLQYBFJeiSsKjw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general pgsql-hackers |
No, I have not considered encrypting or decrypting data. The reason for this
is that I am trying to *secure a database* by thinking like a *malicious
user / criminal*. I want to hide (for example) fraudulent data on a database
where it is not easily seen by others and then build a tool to detect this
hidden data.
On your questions:
*) What data is to remain secret?
*) Who is allowed to see the secret data?
*) When do they see it?
*) What sacrifices are you willing to make to keep the data secret?
*) Where are you going to store the key?
the answers:
- fraudulent data / or data that needs to be hidden.
- only the malicious user - and hopefully later a detection mechanism
that I aim to build.
- I don't really have a preference on when they can see the data, but
maybe when you export a dump.
- The main purpose of hiding the data is that the normal users of the
database will not easily find the hidden data. If this criteria is met, then
any other sacrifices can be made.
- Still need to figure that one out.
Any good brainstorming ideas will help!
On Mon, May 24, 2010 at 11:04 PM, Merlin Moncure <mmoncure(at)gmail(dot)com> wrote:
> On Mon, May 24, 2010 at 3:16 PM, Hector Beyers <hqbeyers(at)gmail(dot)com> wrote:
> >
> > Hi guys,
> > does ANYONE have any tips on hiding data on a database server? This means
> > that data is stored in places that is not necessarily picked up in the
> > schema of the database. I am doing some research on databases and need
> some
> > direction.
> > Any help or direction will be highly appreciated.
>
> First question: Have you considered 1. encrypting data when you put it
> in the database and 2. decrypting it when you pull it out?
>
> Let me humbly state that the #1 problem that beginners face with
> security and encryption is focusing too much on the mechanics and not
> enough on the 'big picture' issues:
>
> *) What data is to remain secret?
> *) Who is allowed to see the secret data?
> *) When do they see it?
> *) What sacrifices are you willing to make to keep the data secret?
> *) Where are you going to store the key?
>
> Answers to those questions should get you more helpful answers.
> Postgres has a lot of features to hide data, some obvious (pgcrypto,
> grant/revoke) and some not so obvious (revoking permissions from
> pg_proc). Judging from your question you may be interested in some
> extra-special techniques...please be more specific!
>
> merlin
>
From | Date | Subject | |
---|---|---|---|
Next Message | Malm Paul | 2010-05-25 09:38:56 | uppdate from postgersql 8.3.7 to 8.4.4 |
Previous Message | Dennis Gearon | 2010-05-25 04:32:58 | Re: timestamp configuration |
From | Date | Subject | |
---|---|---|---|
Next Message | Takahiro Itagaki | 2010-05-25 08:32:20 | Re: pg_stat_transaction patch |
Previous Message | Fujii Masao | 2010-05-25 04:50:43 | Re: Synchronization levels in SR |