Search Postgresql Archives

Re: Would PostgreSQL 16 native transparent data encryption support database level encryption?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks all for the discussions. It sounds like there are different questions to clear before we can get to a conclusion on if per-database KEK is possible or not.

First question - do we, as a community, see the value of the proposal and do we believe that value is big enough for us to make any necessary changes to PostgreSQL?  Another way to ask is, do we want/need to keep the parity with other database solutions that already have such ability?

If the answer to the first question is no, then I will stop here.
However, if the answer is yes or "it depends", then the second question is on how - It seems that per-cluster KEK can be a a good alternative to achieve the same as per-db KEK, however, there are still some shared area between clusters. Is it possible to further split this shared area? Are there more shared memory/storage between clusters?
 
In the proposed TDE work, yes, each cluster (which is an entier
PostgreSQL system) would be able to have its own KEK.

There's a bit of overhead from each cluster and each would have their
own shared buffers pool of memory and such.

Thanks
Tony 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux