| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | Daniel Struck <struck(dot)d(at)retrovirology(dot)lu> |
| Cc: | Sarah Tanembaum <sarahtanembaum(at)yahoo(dot)com>, pgsql-php(at)postgresql(dot)org, pgsql-admin(at)postgresql(dot)org, pgsql-hackers-win32(at)postgresql(dot)org, pgadmin-support(at)postgresql(dot)org, pgsql-sql(at)postgresql(dot)org |
| Subject: | Re: [PHP] Secure DB Systems - How to |
| Date: | 2004-07-13 12:38:17 |
| Message-ID: | 20040713123817.GB3710@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-support pgsql-admin pgsql-hackers-win32 pgsql-php pgsql-sql |
On Tue, Jul 13, 2004 at 11:35:57 +0200,
Daniel Struck <struck(dot)d(at)retrovirology(dot)lu> wrote:
> > Keeping the system administrator from seeing the data while making it
> > searchable is difficult. To do this you need to encrypt the data on
> > the client side using a key the client has (and this key has to be
> > protected from loss) and the only searches you can do are equality
> > searches using a hash or encrypted value.
>
> You can also perform regex searches.
If you decrypt the data on the database, the sysadmin can see it.
If you are willing to take that chance (e.g. if you primary concern is
some third party getting a snapshot of the DB), then you can do lots of
things.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Struck | 2004-07-13 13:18:38 | Re: [PHP] Secure DB Systems - How to |
| Previous Message | Daniel Struck | 2004-07-13 09:35:57 | Re: [PHP] Secure DB Systems - How to |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jim Seymour | 2004-07-13 13:10:04 | Re: Slony NG |
| Previous Message | Bruno Wolff III | 2004-07-13 12:35:35 | Re: Slony NG |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Merlin Moncure | 2004-07-13 12:51:13 | Re: PostGre and Windows XP |
| Previous Message | Daniel Struck | 2004-07-13 09:35:57 | Re: [PHP] Secure DB Systems - How to |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Struck | 2004-07-13 13:18:38 | Re: [PHP] Secure DB Systems - How to |
| Previous Message | Daniel Struck | 2004-07-13 09:35:57 | Re: [PHP] Secure DB Systems - How to |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bob Arens | 2004-07-13 12:56:00 | Query plan discrepancies |
| Previous Message | vaibhav singh | 2004-07-13 11:40:20 | [ocpfree] Query Optimization Help Needed. |