On Jun 17, 2005, at 8:49 AM, Együd Csaba wrote:
Hi,
we plan to make our database available from the internet (direct tcp/ip
based connections). We want to make it as secure as possible. There are a
few users who could access the database, but we want to block any other
users from accessing it.
Our plans are:
- using encrypted (ssl) connections - since sensitive (medical) personal
  information is stored.
  (How to set this up? What do we need on the server side, and what on the
  client side?)
- using pg_hba.conf to configure authentication method and IP filters
- forcing our users to change their passwords frequently
- applying a strong password policy (long pw, containing upper/lowercase
  characters and numbers)
Could anybody suggest some more valuable features in postgres to
improve the security?
Regarding SSL, I'd like to know how to use it correctly. What do we have
to do on the server to accept ssl connections, and what kind of client
software is required?
Many thanks,
-- Csaba Együd

It sounds like you might want to think about hiring a consultant to
help out here--what do others think? With medical information, this is
not something you want to get wrong.
Sean