| From: | Martijn van Oosterhout <kleptog(at)svana(dot)org> |
|---|---|
| To: | Ken Tanzer <ken(dot)tanzer(at)gmail(dot)com> |
| Cc: | Rob Sargent <robjsargent(at)gmail(dot)com>, PG-General Mailing List <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: encrypting data stored in PostgreSQL |
| Date: | 2014-04-09 21:28:08 |
| Message-ID: | 20140409212808.GC7062@svana.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Apr 09, 2014 at 02:16:34PM -0700, Ken Tanzer wrote:
> > Any thoughts on how to pull this off for PostgreSQL stored data?
> >
> > I looked at this a while ago because I have clients who might require this
> in the future. ISTM you should be able to have your PG data directory
> stored on an encrypted filesystem. I believe this will decrease
> performance, but I have no idea by how much.
FWIW, I have several databases running on encrypted filesystems. The
performance difference is negligable *if* you have hardware
acceleration for your encryption, which most modern processors have.
Essentially, the processor can encrypt/decrypt data so much faster than
the cost of reading/writing to disk, you don't notice the difference.
There's surely a difference, but if this means you meet your
requirements it's an excellent solution.
Have a nice day,
--
Martijn van Oosterhout <kleptog(at)svana(dot)org> http://svana.org/kleptog/
> He who writes carelessly confesses thereby at the very outset that he does
> not attach much importance to his own thoughts.
-- Arthur Schopenhauer
| From | Date | Subject | |
|---|---|---|---|
| Next Message | John R Pierce | 2014-04-09 21:32:59 | Re: encrypting data stored in PostgreSQL |
| Previous Message | Ken Tanzer | 2014-04-09 21:16:34 | Re: encrypting data stored in PostgreSQL |