Re: Secure DB Systems - How to

From: Christopher Browne <cbbrowne(at)acm(dot)org>
To: pgsql-sql(at)postgresql(dot)org
Subject: Re: Secure DB Systems - How to
Date: 2004-07-15 02:44:52
Message-ID: m3u0wagfa3.fsf@wolfe.cbbrowne.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgadmin-support pgsql-admin pgsql-hackers-win32 pgsql-php pgsql-sql

In the last exciting episode, mallah(at)trade-india(dot)com (Rajesh Kumar Mallah) wrote:
> Sarah Tanembaum wrote:
>
>>I was wondering if it is possible to create a secure database system
>>usingPostgreSQL/PHP combination?
>>
>>I have the following in mind:
>>
>>I wanted to store all my( and my brothers and sisters) important document
>>information such as birth certificate, SSN, passport number, travel
>>documents, insurance(car, home, etc) document, and other important documents
>>imagined in the database.
>>
>>The data will be entered either manually and/or scanned(with OCR). I need to
>>be able to search on all the fields in the database.
>>
>>We have 10 computers(5bros, 4sisters, and myself) plus 1 server with I
>>maintained. The data should be synchronize/replicate between those
>>computers.
>>
>>Well, so far it is easy, isn't it?
>>
>>Here's my question:
>>
>>a) How can I make sure that it secure so only authorized person can
>>modify/add/delete the information? Beside transaction logs, are there any
>>other method to trace any transaction(kind of paper trail)?
>>
>>
> There can be multiple solutions to your problem.
>
> The security and logging may be implemented either at
> database level or application level. That is a call you have to
> take.

Doing it at the database level means having to trust anyone that has
administrative access to the database system.

The only way for this to NOT require trusting the administrators is to
store data in some sort of encrypted form, where the data is NOT
visible except when someone decrypts it within the client application.

The main work published on the subject is _Translucent Databases_, by
Peter Wayner. Here are a bunch of links that give a pretty good idea
of what it's about.

http://www.oreillynet.com/pub/a/network/2002/08/02/simson.html
http://www.wayner.org/books/td/
http://www.wayner.org/books/td/faq.php
http://www.linux-mag.com/2003-12/databases_01.html

They discuss it from the perspective of using Java as the "client
application" layer; presumably PHP offers some cryptographic tools to
allow doing similar things...

http://hotwired.lycos.com/webmonkey/programming/php/tutorials/tutorial1.html
--
output = ("cbbrowne" "@" "ntlug.org")
http://cbbrowne.com/info/languages.html
"To do is to be." -- Aristotle
"To be is to do." -- Socrates
"Do be do be do." -- Sinatra
"Do be a do bee." -- Miss Sally of Romper Room fame.
"Yabba dabba do." -- Fred Flintstone
"DO...BEGIN..END" -- Niklaus Wirth

In response to

Browse pgadmin-support by date

  From Date Subject
Next Message Jaromir Karmazin 2004-07-16 10:50:46 Error Message: ERROR: column "datpath" does not exist
Previous Message Andreas Pflug 2004-07-14 14:58:11 Re: PostGreSql

Browse pgsql-admin by date

  From Date Subject
Next Message Simon Riggs 2004-07-15 07:15:03 Re: [HACKERS] Point in Time Recovery
Previous Message SAKATA Tetsuo 2004-07-15 01:49:21 Re: Point in Time Recovery

Browse pgsql-hackers-win32 by date

  From Date Subject
Next Message kranas 2004-07-15 05:17:02 postgresql as windows 2000 service problem
Previous Message Jomar Andrade 2004-07-14 16:03:00 Re: postgresql as windows 2000 service problem

Browse pgsql-php by date

  From Date Subject
Next Message azah azah 2004-07-20 08:11:48 Escape string in postresql
Previous Message Lynna Landstreet 2004-07-14 19:27:49 Re: Resource id #12

Browse pgsql-sql by date

  From Date Subject
Next Message Achilleus Mantzios 2004-07-15 14:00:36 Re: How do I convice postgres to use an index?
Previous Message R.Welz 2004-07-15 00:23:06 calling function , passing OLD as argument