Thanks Bruno.
I see the potential challenge. If the field value is encrypted, how can
a search be done for a certain value? Do I have to search for the encrypted
value? If so, what password or key should I use?
Thanks
"Bruno Wolff III" <bruno(at)wolff(dot)to> wrote in message
news:20040709152722(dot)GA20935(at)wolff(dot)to(dot)(dot)(dot)
> On Thu, Jul 08, 2004 at 11:49:36 -0400,
> Sarah Tanembaum <sarahtanembaum(at)yahoo(dot)com> wrote:
> > I was wondering if it is possible to create a secure database system
> > using PostgreSQL/PHP combination?
> >
> > I have the following in mind:
> >
> > I wanted to store all my (and my brothers and sisters) important document
> > information such as birth certificate, SSN, passport number, travel
> > documents, insurance (car, home, etc) document, and other important
> > documents imagined in the database.
> >
> > The data will be entered either manually and/or scanned (with OCR). I
> > need to be able to search on all the fields in the database.
> >
> > We have 10 computers (5 bros, 4 sisters, and myself) plus 1 server which I
> > maintain. The data should be synchronized/replicated between those
> > computers.
> >
> > Well, so far it is easy, isn't it?
> >
> > Here's my question:
> >
> > a) How can I make sure that it is secure so only authorized persons can
> > modify/add/delete the information? Besides transaction logs, are there
> > any other methods to trace any transaction (kind of a paper trail)?
>
> Keeping the system administrator from seeing the data while making it
> searchable is difficult. To do this you need to encrypt the data on
> the client side using a key the client has (and this key has to be
> protected from loss) and the only searches you can do are equality
> searches using a hash or encrypted value.
>
> The system administrator can always delete the data.
>
> If you store which user has access to a row in the row, you can use views
> to control access to the rows for people other than the system
> administrator.
>
> > b) How can I make sure that no one can tap the info while we are
> > entering the data in the computer? (our family is scattered within the
> > US and Canada)
>
> Use SSL.
>
> > c) Is it possible to securely synchronize/replicate between our
> > computers using VPN? Does PostgreSQL have this functionality by default?
>
> Probably the best thing here is to run one live server and make backups
> of the system that you store at your relatives along with instructions
> for recovering them if something happens to you. Probably the backups
> should be encrypted with either the keys in your safe deposit box or
> using a system where something like 3 out of 5 keys can be used to recover
> the backup files. Be sure to test the backup recovery.
>
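The equality-only search described in the quoted reply, sketched as an added example that is not part of the original thread: the client computes a keyed hash (HMAC) of each value, and the server stores and compares only that hash next to the ciphertext. In-memory SQLite stands in for PostgreSQL, and the key, table and column names, function names and sample rows are constructed for illustration.

```python
import hashlib
import hmac
import sqlite3

# Constructed sample key. In practice it is generated on the client, kept off
# the server, and kept separate from the key used to encrypt the values.
INDEX_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)

def normalize(value: str) -> bytes:
    """Canonical form so '000-12-3456' and '000 12 3456' index identically."""
    return "".join(ch for ch in value.upper() if ch.isalnum()).encode("utf-8")

def blind_index(key: bytes, field: str, value: str) -> str:
    """Keyed hash of field name + value. Keyed, because an unkeyed hash of a
    nine-digit number can be reversed by hashing every candidate."""
    msg = field.encode("utf-8") + b"\x00" + normalize(value)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def open_store() -> sqlite3.Connection:
    """In-memory SQLite stands in for the PostgreSQL server (assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE documents "
               "(owner TEXT, field TEXT, value_idx TEXT, value_enc BLOB)")
    db.execute("CREATE INDEX documents_idx ON documents (field, value_idx)")
    return db

def store(db, key, owner, field, value, ciphertext: bytes) -> None:
    """ciphertext is the value already encrypted on the client (cipher not shown)."""
    db.execute("INSERT INTO documents VALUES (?, ?, ?, ?)",
               (owner, field, blind_index(key, field, value), ciphertext))

def search(db, key, field, value):
    """Equality search: the server compares index strings, never plaintext."""
    rows = db.execute("SELECT owner, value_enc FROM documents "
                      "WHERE field = ? AND value_idx = ?",
                      (field, blind_index(key, field, value)))
    return rows.fetchall()

def demo() -> sqlite3.Connection:
    db = open_store()
    # Constructed sample rows; the byte strings stand in for real ciphertext.
    store(db, INDEX_KEY, "owner_a", "passport", "X1234567", b"<ciphertext-1>")
    store(db, INDEX_KEY, "owner_b", "ssn", "000-12-3456", b"<ciphertext-2>")
    return db

if __name__ == "__main__":
    db = demo()
    print(search(db, INDEX_KEY, "ssn", "000 12 3456"))  # same value, other formatting
    print(search(db, INDEX_KEY, "ssn", "000-12"))       # partial value: no rows
```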