Quick Links

Re: Why the index is not used ?

From:	Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com>
To:	ROS Didier <didier(dot)ros(at)edf(dot)fr>, "folarte(at)peoplecall(dot)com" <folarte(at)peoplecall(dot)com>
Cc:	"pavel(dot)stehule(at)gmail(dot)com" <pavel(dot)stehule(at)gmail(dot)com>, "pgsql-sql(at)lists(dot)postgresql(dot)org" <pgsql-sql(at)lists(dot)postgresql(dot)org>, "pgsql-performance(at)lists(dot)postgresql(dot)org" <pgsql-performance(at)lists(dot)postgresql(dot)org>, "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org>
Subject:	Re: Why the index is not used ?
Date:	2018-10-08 20:00:15
Message-ID:	f6ab9c6e-323f-8e2e-fd71-8f019045ff2b@2ndquadrant.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general pgsql-performance pgsql-sql

Hi,

On 10/08/2018 04:10 PM, ROS Didier wrote:
> Hi Tomas
>
>         Thank you for your answer and recommendation which is very
> interesting. I'm going to study the PCI DSS document right now.
>
> * Here are my answer to your question :
>
> />>/
> /What is your threat model?/
> /<</
> we want to prevent access to sensitive data for everyone except those
> who have the encryption key.
> in case of files theft, backups theft, dumps theft, we do not want
> anyone to access sensitive data.
>

The thing is - encryption is not panacea. The interesting question is
whether this improves security compared to simply using FDE and regular
access rights (which are grantable at the column level).

Using those two pieces properly may very well be a better defense than
not well designed encryption scheme - and based on this discussion, it
does not seem very polished / resilient.

regards

--
Tomas Vondra http://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

In response to

RE: Why the index is not used ? at 2018-10-08 14:10:41 from ROS Didier

Browse pgsql-general by date

	From	Date	Subject
Next Message	Malik Rumi	2018-10-08 20:25:25	Re: FTS trigger works 1 at a time, but fails with bulk insert script
Previous Message	Adrian Klaver	2018-10-08 19:56:58	Re: FTS trigger works 1 at a time, but fails with bulk insert script

Browse pgsql-performance by date

	From	Date	Subject
Next Message	Paul McGarry	2018-10-08 21:34:51	Re: Why the index is not used ?
Previous Message	ROS Didier	2018-10-08 15:32:45	RE: Why the index is not used ?

Browse pgsql-sql by date

	From	Date	Subject
Next Message	Paul McGarry	2018-10-08 21:34:51	Re: Why the index is not used ?
Previous Message	ROS Didier	2018-10-08 15:32:45	RE: Why the index is not used ?