Securing sensitive information
I've scoured the web and can't seem to find any definitive on how to
secure sensitive information in a DB, postgresQL in particular.
Most suggestions rely upon encrypting the data. This is all fine and
well except for the one nagging question I keep having: how do you
protect the password that is needed to decrypt the data? Maybe I'm
missing something?
Can anyone recommend any good web documents on how to secure sensitive
information?
Jc
On Thu, Aug 29, 2002 at 20:42:05 +0900,
Jean-Christian Imbeault <jc@mega-bucks.co.jp> wrote:
I've scoured the web and can't seem to find any definitive on how to
secure sensitive information in a DB, postgresQL in particular.Most suggestions rely upon encrypting the data. This is all fine and
well except for the one nagging question I keep having: how do you
protect the password that is needed to decrypt the data? Maybe I'm
missing something?Can anyone recommend any good web documents on how to secure sensitive
information?
Who are you trying to protect the data from?
If it is from the system administrator or DBA, that is going to be tough.
If it is database users, you may be able to force access through views
that restrict visible tuples to those each user is supposed to be able to see.
I also have read some other tricks like indexing data by hashes, so that
if you know something about the data (perhaps a last name), you can
compute the hash and use that to retrive the related information.
On 29 Aug 2002 at 20:42, Jean-Christian Imbeault wrote:
I've scoured the web and can't seem to find any definitive on how to
secure sensitive information in a DB, postgresQL in particular.Most suggestions rely upon encrypting the data. This is all fine and
well except for the one nagging question I keep having: how do you
protect the password that is needed to decrypt the data? Maybe I'm
missing something?Can anyone recommend any good web documents on how to secure sensitive
information?
I haven't really looked into it, but will have too some day. Our db
will be running postgresql and will contain medical data.
AFAIK there is an encryption module in contrib, I have no idea how it
works though. Also, make sure any connections made to the database are
secure (there's a built-in SSL if you compiled correctly). Other
options are OpenSSL and stunnel. A google on these keywords +
postgresql should be your friend.
--
Jules Alberts.
In article <3D6E088D.5050902@mega-bucks.co.jp>,
jc@mega-bucks.co.jp (Jean-Christian Imbeault) wrote:
I've scoured the web and can't seem to find any definitive on how to
secure sensitive information in a DB, postgresQL in particular.Most suggestions rely upon encrypting the data. This is all fine and
well except for the one nagging question I keep having: how do you
protect the password that is needed to decrypt the data? Maybe I'm
missing something?Can anyone recommend any good web documents on how to secure sensitive
information?
Peter Wayner has just written a book entitled "Translucent Databases"
that covers this subject. I have ordered my copy through Amazon and am
anxiously awaiting its arrival sometime this week.
Here is a link to Wayner's site about the book:
http://www.wayner.org/books/td/
Here is a review at O'Reilly (the review's author uses the
Yale/Princeton hacking episode to illustrate how the techniques in the
book would have stopped this from happening):
http://www.oreillynet.com/pub/a/network/2002/08/02/simson.html
Don Arbow