From: | Guy Helmer <ghelmer(at)palisadesystems(dot)com> |
---|---|
To: | CS_DBA <cs_dba(at)consistentstate(dot)com> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: encrypting data stored in PostgreSQL |
Date: | 2014-04-10 13:50:31 |
Message-ID: | B463065B-7600-414F-9B6A-BAC8C7EB4D79@palisadesystems.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Apr 9, 2014, at 3:40 PM, CS_DBA <cs_dba(at)consistentstate(dot)com> wrote:
> Hi All;
>
> We have a client with this requirement:
>
> At rest data must be encrypted with a unique client key
>
> Any thoughts on how to pull this off for PostgreSQL stored data?
Does there happen to be a Postgresql proxy, such as a modified pgbouncer, that implements column-wise and/or row-wise encryption and decryption using keys specific to the authenticated user? It seems like a reasonable way to implement an encryption layer that would provide protection against a number of threats without requiring modification to the higher layers of the application or to the Postgresql server.
Guy
From | Date | Subject | |
---|---|---|---|
Next Message | Albe Laurenz | 2014-04-10 18:54:30 | Re: openssl heartbleed |
Previous Message | Rob Sargent | 2014-04-10 13:29:17 | Re: Stored procedures and schema renames |