Bill Moran wrote:
What are folks doing to protect sensitive data in their databases?
I would probably do my encryption in the application layer, and only encrypt the sensitive fields. Fields used as indexes probably should not be encrypted, unless the only index operation is EQ/NE; then you could use the encrypted index value as the search key. This would even work for foreign key relations.
Of course, if part of your cryptography regimen involves key expiration and rotation, there'd be the hellacious problem of decrypting/re-encrypting.
It really all depends on what the security requirements are. -somewhere- there's a weak spot. In the above model, it's the application server that's doing the cryptography; if it gets compromised, then the keys can be extracted, and all bets are off.
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
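An added illustration of the model the reply above describes (not code from the thread): the sensitive column is encrypted in the application with a random nonce, a deterministic keyed hash of the same value serves as the search key for EQ/NE lookups, and key rotation forces every row to be decrypted and re-encrypted. It uses only the Python standard library; the HMAC-SHA256 counter-mode cipher is a constructed stand-in for a real AEAD, and the table, column and key names are assumptions.

```python
import hashlib, hmac, secrets, sqlite3

def blind_index(idx_key: bytes, value: str) -> bytes:
    """Deterministic keyed hash: equal plaintexts give equal search keys."""
    return hmac.new(idx_key, value.encode(), hashlib.sha256).digest()

def _subkeys(key: bytes):
    # Derive separate encryption and MAC keys from one field key.
    return (hashlib.sha256(b"enc|" + key).digest(), hashlib.sha256(b"mac|" + key).digest())

def _keystream(enc_key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode as a PRF keystream (stdlib-only stand-in for AES).
    blocks = [hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(-(-n // 32))]
    return b"".join(blocks)[:n]

def encrypt(key: bytes, plaintext: str) -> bytes:
    """Randomised encrypt-then-MAC: nonce || ciphertext || tag (not searchable)."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    data = plaintext.encode()
    ct = bytes(a ^ b for a, b in zip(data, _keystream(enc_key, nonce, len(data))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def decrypt(key: bytes, blob: bytes) -> str:
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("ciphertext tampered with or wrong key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct)))).decode()

def new_db():
    conn = sqlite3.connect(":memory:")  # constructed schema: one sensitive column
    conn.execute("CREATE TABLE customer (id INTEGER PRIMARY KEY, ssn_idx BLOB, ssn_enc BLOB)")
    return conn

def insert(conn, key: bytes, idx_key: bytes, ssn: str):
    conn.execute("INSERT INTO customer (ssn_idx, ssn_enc) VALUES (?, ?)",
                 (blind_index(idx_key, ssn), encrypt(key, ssn)))

def find_by_ssn(conn, key: bytes, idx_key: bytes, ssn: str):
    # EQ lookup on the deterministic search key; the database never sees plaintext.
    rows = conn.execute("SELECT ssn_enc FROM customer WHERE ssn_idx = ?",
                        (blind_index(idx_key, ssn),)).fetchall()
    return [decrypt(key, r[0]) for r in rows]

def rotate_keys(conn, old: tuple, new: tuple):
    # The rotation problem: every row is decrypted with the old (field, index) keys
    # and re-encrypted, with its search key recomputed, under the new pair.
    for rid, blob in conn.execute("SELECT id, ssn_enc FROM customer").fetchall():
        ssn = decrypt(old[0], blob)
        conn.execute("UPDATE customer SET ssn_idx = ?, ssn_enc = ? WHERE id = ?",
                     (blind_index(new[1], ssn), encrypt(new[0], ssn), rid))
```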