Thread
-
TDE in PostgreSQL
Євген Панченко <slamgp1987@gmail.com> — 2020-07-10T08:11:52Z
Hello, very hard to find some information about TDE ( Transparent Data Encryption ) in PostgreSQL. Could you answer my question? 1) Do PostgreSQL supported TDE ( Transparent Data Encryption )?
-
Re: TDE in PostgreSQL
Fabien COELHO <coelho@cri.ensmp.fr> — 2020-07-10T11:52:10Z
> Hello, very hard to find some information about TDE ( Transparent Data > Encryption ) in PostgreSQL. Could you answer my question? > 1) Do PostgreSQL supported TDE ( Transparent Data Encryption )? No, which explain why informations are hard to come:-) This is not a bug, but the absence of a feature. Note that encryption can occur at many levels, which level is relevant depends on the threat model: 1. the app can encrypt data in tables 2. the database can encrypt its files 3. the os can encrypt a partition 4. the disks can encrypt their data 1. can be done with a pg extension (ISTM that several exist). 3. depends on the OS (data at rest encryption), 4 depends on the hardware. Some people are working on implementing some form of (2). -- Fabien.
-
Re: TDE in PostgreSQL
Hans-Jürgen Schönig <postgres@cybertec.at> — 2020-07-10T12:26:56Z
hi … actually we are trying to push encryption into core … so far there is no success. our stuff is working and we use it at many clients already without any issues. you can download a TDE enabled version of postgres from our website for free: https://www.cybertec-postgresql.com/en/products/postgresql-transparent-data-encryption/ <https://www.cybertec-postgresql.com/en/products/postgresql-transparent-data-encryption/> just ask me directly (hs@cybertec.at <mailto:hs@cybertec.at>) if you got any questions. many thanks, hans > On 10.07.2020, at 13:52, Fabien COELHO <coelho@cri.ensmp.fr> wrote: > > >> Hello, very hard to find some information about TDE ( Transparent Data >> Encryption ) in PostgreSQL. Could you answer my question? >> 1) Do PostgreSQL supported TDE ( Transparent Data Encryption )? > > No, which explain why informations are hard to come:-) > > This is not a bug, but the absence of a feature. > > Note that encryption can occur at many levels, which level is relevant depends on the threat model: > 1. the app can encrypt data in tables > 2. the database can encrypt its files > 3. the os can encrypt a partition > 4. the disks can encrypt their data > > 1. can be done with a pg extension (ISTM that several exist). 3. depends on the OS (data at rest encryption), 4 depends on the hardware. Some people are working on implementing some form of (2). > > -- > Fabien. > > -- Cybertec PostgreSQL International GmbH Gröhrmühlgasse 26, A-2700 Wiener Neustadt Web: https://www.cybertec-postgresql.com <https://www.cybertec-postgresql.com/>