Skip site navigation (1) Skip section navigation (2)

Re: Data Encryption

From: nhrcommu(at)rochester(dot)rr(dot)com
To: Michael Fuhr <mike(at)fuhr(dot)org>
Cc: Sandeep Agarwal <sandeepagarwal(dot)1980(at)gmail(dot)com>, pgsql-novice(at)postgresql(dot)org
Subject: Re: Data Encryption
Date: 2007-03-29 11:15:29
Message-ID: c3caa909556b.556bc3caa909@nyroc.rr.com (view raw or flat)
Thread:
Lists: pgsql-novice
> On Thu, Mar 29, 2007 at 01:56:34PM +0530, Sandeep Agarwal wrote:
> > i am new to postgres and am puzzled how to solve the untrusted 
> admin 
> > problem.
> > 
> > i am having very sensitive data (accounts and payroll) on postgresql
> > server. the goal i want to achive is that even the sys. 
> admin/database> admin. should be able to read the data. i 
> understand that the solution
> > lies in encrypting the fields.

Sandeep,
Please do not take affront if I am reading way too much into your
question, but if the following scenario is true:
1)  It is a web application with the server colocated in the US
2)  You are the developer AND admin and are not in the US

If so, you obviously trust yourself -- the problem is that customers or
prospective customers will possibly (likely) be hesitant to use your
service, particularly when SSN's, names and employee addresses are involved.

If my conjecture is true, then you may want to rephrase your question. 
Different suggestions may result.  

If I am 'off base', please disregard.

Thanks,
Mike Ellsworth

In response to

Responses

pgsql-novice by date

Next:From: NickDate: 2007-03-29 18:03:07
Subject: Re: Data Encryption
Previous:From: Sandeep AgarwalDate: 2007-03-29 10:55:48
Subject: Re: Data Encryption

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group