
Re: [PHP] Secure DB Systems - How to

From: Bruno Wolff III <bruno(at)wolff(dot)to>
To: Sarah Tanembaum <sarahtanembaum(at)yahoo(dot)com>
Cc: pgsql-php(at)postgresql(dot)org, pgsql-admin(at)postgresql(dot)org, pgsql-hackers-win32(at)postgresql(dot)org, pgadmin-support(at)postgresql(dot)org, pgsql-sql(at)postgresql(dot)org
Subject: Re: [PHP] Secure DB Systems - How to
Date: 2004-07-09 15:27:22
Message-ID: 20040709152722.GA20935@wolff.to
Lists: pgadmin-support, pgsql-admin, pgsql-hackers-win32, pgsql-php, pgsql-sql
On Thu, Jul 08, 2004 at 11:49:36 -0400,
  Sarah Tanembaum <sarahtanembaum(at)yahoo(dot)com> wrote:
> I was wondering if it is possible to create a secure database system
> using PostgreSQL/PHP combination?
> 
> I have the following in mind:
> 
> I wanted to store all my (and my brothers and sisters) important document
> information such as birth certificate, SSN, passport number, travel
> documents, insurance (car, home, etc.) document, and other important documents
> imagined in the database.
> 
> The data will be entered either manually and/or scanned (with OCR). I need to
> be able to search on all the fields in the database.
> 
> We have 10 computers (5 bros, 4 sisters, and myself) plus 1 server which I
> maintain. The data should be synchronized/replicated between those
> computers.
> 
> Well, so far it is easy, isn't it?
> 
> Here's my question:
> 
> a) How can I make sure that it is secure so only authorized persons can
> modify/add/delete the information? Besides transaction logs, are there any
> other methods to trace any transaction (kind of paper trail)?

Keeping the system administrator from seeing the data while making it
searchable is difficult. To do this you need to encrypt the data on
the client side using a key the client has (and this key has to be
protected from loss) and the only searches you can do are equality
searches using a hash or encrypted value.

The system administrator can always delete the data.

If you store which user has access to a row in the row, you can use views
to control access to the rows for people other than the system administrator.

> b) How can I make sure that no one can tap the info while we are entering
> the data in the computer? (our family are scattered within US and Canada)

Use SSL.

> c) Is it possible to securely synchronize/replicate between our computers
> using VPN? Does PostgreSQL have this functionality by default?

Probably the best thing here is to run one live server and make backups
of the system that you store at your relatives along with instructions
for recovering them if something happens to you. Probably the backups
should be encrypted with either the keys in your safe deposit box or
using a system where something like 3 out of 5 keys can be used to recover
the backup files. Be sure to test the backup recovery.

Copyright © 1996-2014 The PostgreSQL Global Development Group