On Tue, Jul 9, 2019 at 3:39 AM Tomas Vondra <tomas.von...@2ndquadrant.com> wrote: > > BTW how do you know this is what users want? Maybe they do, but then > again - maybe they just see it as magic and don't realize the extra > complexity (not just at the database level). In my experience users > generally want more abstract things, like "Ensure data privacy in case > media theft," or "protection against evil DBA". >
I think that it's true that user generally want more abstract things at system design stage so that's why I've been considering the functionality of TDE based on security standards such PCI DSS. These might have a high goal but would be good materials to define requirements that user will want. BTW I've created a wiki page[1] for TDE summarizing the discussion. I will keep it up-to-date but please feel free to update it. [1] https://wiki.postgresql.org/wiki/Transparent_Data_Encryption Regards, -- Masahiko Sawada NIPPON TELEGRAPH AND TELEPHONE CORPORATION NTT Open Source Software Center
