Re: [GENERAL] Encryption For Specific Column- Where to store the key

2011-06-16 Thread Manuel Gysin
>From: "Pavel Stehule" > >Hello > >try to use a security definer functions > >http://www.postgresql.org/docs/current/static/sql-createfunction.html > >inside this function you can access to resourcess thats are no >available from outer for web user > >Regards > >Pavel Stehuke I understand the ide

Re: [GENERAL] Encryption For Specific Column- Where to store the key

2011-06-16 Thread Merlin Moncure
On Thu, Jun 16, 2011 at 3:35 AM, Manuel Gysin wrote: > I can trust the dba. But while someone gain access, he can control everything > and could easily extend his rights to dba. > An other way with client side encryption/decryption should be possible with > deployed certificates and keys, but so

Re: [GENERAL] Encryption For Specific Column- Where to store the key

2011-06-16 Thread Pavel Stehule
2011/6/16 Manuel Gysin : >>From: "Pavel Stehule" >> >>Hello >> >>try to use a security definer functions >> >>http://www.postgresql.org/docs/current/static/sql-createfunction.html >> >>inside this function you can access to resourcess thats are no >>available from outer for web user >> >>Regards >

Re: [GENERAL] Encryption For Specific Column- Where to store the key

2011-06-15 Thread Craig Ringer
On 15/06/11 14:07, Manuel Gysin wrote: > A discussion about this topic can be found under > http://www.experts-exchange.com/Database/PostgreSQL/Q_21934798.html Use Stack Overflow instead ;-) Anyway: Given the additional detail you provided in that post, where it becomes clear that you only need

Re: [GENERAL] Encryption For Specific Column- Where to store the key

2011-06-15 Thread Craig Ringer
On 15/06/11 14:07, Manuel Gysin wrote: > - For the password field I just used a hash algorithm with some loops to > protect the passwords ("Password Storage Encryption" with bcrypt). Make sure you use a salt value and store the salt as well as the password. If not salted, your passwords will be

Re: [GENERAL] Encryption For Specific Column- Where to store the key

2011-06-15 Thread Merlin Moncure
On Wed, Jun 15, 2011 at 1:07 AM, Manuel Gysin wrote: > Hello > I'm currently designing a database layout where some columns are encrypted. > Some tables contains sensitive user data which needs a special protection. > > I used http://www.postgresql.org/docs/8.1/static/encryption-options.html as a

Re: [GENERAL] Encryption For Specific Column- Where to store the key

2011-06-15 Thread Pavel Stehule
Hello try to use a security definer functions http://www.postgresql.org/docs/current/static/sql-createfunction.html inside this function you can access to resourcess thats are no available from outer for web user Regards Pavel Stehuke 2011/6/15 Manuel Gysin : > Hello > > > I'm currently desig

[GENERAL] Encryption For Specific Column- Where to store the key

2011-06-15 Thread Manuel Gysin
Hello I'm currently designing a database layout where some columns are encrypted. Some tables contains sensitive user data which needs a special protection. I used http://www.postgresql.org/docs/8.1/static/encryption-options.html as a guide. - For the password field I just used a hash algorith