Bill Moran wrote:
The problem comes when the company head wants to search through the database to find out which employee has a specific SSN. He should be able to do so, since he has access to everything, but the logistics of doing so in a reasonable amount of time are rather complex and very time consuming. On a million rows with the SSN unencrypted, such a query would take less than a second with an appropriate index, but pulling those million rows into the application in order to decrypt each one and see if it matches can easily take a half hour or longer. That's where we're having difficulty. Our requirements are that the data must be strongly protected, but the appropriate people must be able to do (often complex) searches on it that complete in record time.
an index on the encrypted SSN field would do this just fine. if authorized person needs to find the record with a specific SSN, they encrypt that SSN and then look up the ciphertext in the database... done.
-- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
