From: | John R Pierce <pierce(at)hogranch(dot)com> |
---|---|
To: | Bill Moran <wmoran(at)potentialtech(dot)com> |
Cc: | Steve Atkins <steve(at)blighty(dot)com>, pgsql-general List <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Looking for advice on database encryption |
Date: | 2009-04-16 22:00:24 |
Message-ID: | 49E7AA78.4010903@hogranch.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Bill Moran wrote:
> The problem comes when the company head wants to search through the
> database to find out which employee has a specific SSN. He should
> be able to do so, since he has access to everything, but the logistics of
> doing so in a reasonable amount of time are rather complex and very
> time consuming. On a million rows with the SSN unencrypted, such a
> query would take less than a second with an appropriate index, but
> pulling those million rows into the application in order to decrypt
> each one and see if it matches can easily take a half hour or longer.
>
> That's where we're having difficulty. Our requirements are that the
> data must be strongly protected, but the appropriate people must be
> able to do (often complex) searches on it that complete in record
> time.
>
an index on the encrypted SSN field would do this just fine. if
authorized person needs to find the record with a specific SSN, they
encrypt that SSN and then look up the ciphertext in the database... done.
From | Date | Subject | |
---|---|---|---|
Next Message | Michael Black | 2009-04-16 22:04:24 | Re: Looking for advice on database encryption |
Previous Message | Will Rutherdale (rutherw) | 2009-04-16 21:18:31 | Re: Looking for advice on database encryption |