| From: | Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | New types for transparent encryption |
| Date: | 2009-07-07 08:35:28 |
| Message-ID: | 20090707165227.947B.52131E4D@oss.ntt.co.jp |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Our manual says we can use pgcrypto functions or encrypted filesystems
for data encryption.
http://www.postgresql.org/docs/8.4/static/encryption-options.html
However, they are not always the best approaches in some cases.
For pgcrypto functions, user's SQL must contain keyword strings
and they need to consider which column is encrypted. Users complaint
that that they want to treat encrypted values as if not-encrypted.
For encrypted filesystems, all of database will be encrypted
and thare are considerable overheads. In addition, encrypted
filesystems are not well-maintained on some platforms.
I'd like to submit a proposal to add types that encryped or
decrypted transparently to contrib/pgcrypto. It is a simple
wrapper type of bytea. The pseudo code could be:
CREATE TYPE encrypted_text (
INPUT = pgp_sym_encrypt_text(textin($1), passward(), options()),
OUTPUT = textout(pgp_sym_decrypt_text($1, passward(), options())),
LIKE bytea
);
passward() and options() are SQL functions and we can re-define them
if needed. The default implementations are to refer custom GUC variables
(pgcrypto.password and pgcrypto.options) so that encryption are done
only in database server and applications don't have to know the details.
I hope this will be an enhancement of contrib/pgcrypto.
Comments welcome.
Regards,
---
ITAGAKI Takahiro
NTT Open Source Software Center
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Heikki Linnakangas | 2009-07-07 09:09:49 | Re: New types for transparent encryption |
| Previous Message | Brendan Jurd | 2009-07-07 08:29:07 | Re: commitfest.postgresql.org |