Hello ppl,
any one can tell me how I can secure linux server with database
postgres for example ?
Im thinking to make a cryptfs file system and to deploy database over
the cryptfs. The problem
here may will be when front end need any data for in/out cpus of the
server will aways
decrypt/encrypt data and performance will be very low.

I remember a few months ago some one ask similar question about how he
can crypt data that is
stored on database and problem was the key. Key is stored on the same
server if some one
get access can decrypt data.

Any one have some ideas how to make something like crypt bubble and to
store database there ?
Or something else ?

R.

Search Discussions

  • Merlin Moncure at Aug 22, 2011 at 2:32 pm

    On Mon, Aug 22, 2011 at 3:40 AM, Condor wrote:
    Hello ppl,
    any one can tell me how I can secure linux server with database postgres for
    example ?
    Im thinking to make a cryptfs file system and to deploy database over the
    cryptfs. The problem
    here may will be when front end need any data for in/out cpus of the server
    will aways
    decrypt/encrypt data and performance will be very low.

    I remember a few months ago some one ask similar question about how he can
    crypt data that is
    stored on database and problem was the key. Key is stored on the same server
    if some one
    get access can decrypt data.

    Any one have some ideas how to make something like crypt bubble and to store
    database there ?
    Or something else ?
    Worrying about security without defining and understanding the threats
    you face is a pointless exercise. If you are worried about physical
    loss of the drive, a better defense is to encrypt/decrypt sensitive
    data on the client so that the server is not exposed to the key.
    Obviously, this has downsides like not being able to index or ad hoc
    search the data in question. So, who are you worried about -- what
    are the threats?

    merlin
  • Condor at Aug 22, 2011 at 5:34 pm

    On Mon, 22 Aug 2011 09:32:39 -0500, Merlin Moncure wrote:
    On Mon, Aug 22, 2011 at 3:40 AM, Condor wrote:
    Hello ppl,
    any one can tell me how I can secure linux server with database
    postgres for
    example ?
    Im thinking to make a cryptfs file system and to deploy database
    over the
    cryptfs. The problem
    here may will be when front end need any data for in/out cpus of the
    server
    will aways
    decrypt/encrypt data and performance will be very low.

    I remember a few months ago some one ask similar question about how
    he can
    crypt data that is
    stored on database and problem was the key. Key is stored on the
    same server
    if some one
    get access can decrypt data.

    Any one have some ideas how to make something like crypt bubble and
    to store
    database there ?
    Or something else ?
    Worrying about security without defining and understanding the
    threats
    you face is a pointless exercise. If you are worried about physical
    loss of the drive, a better defense is to encrypt/decrypt sensitive
    data on the client so that the server is not exposed to the key.
    Obviously, this has downsides like not being able to index or ad hoc
    search the data in question. So, who are you worried about -- what
    are the threats?

    merlin

    I did not worry about hackers attack, I worrying how to secure data
    if I physical loss hard drives or server. Let's just imagine that you
    have
    a server and you store on it important data like credit cards, bank
    acc,
    password, clients names, addresses, social numbers, phone numbers and
    some think like that ... very important information. When front end is
    secured Im worry if I loss hard drives or server. I think if some one
    buy so expensive server is not necessary some one with gun to watching
    it.

    R.
  • John R Pierce at Aug 22, 2011 at 5:54 pm

    On 08/22/11 10:34 AM, Condor wrote:
    I did not worry about hackers attack, I worrying how to secure data
    if I physical loss hard drives or server.
    so when this remote server reboots, where does the encryption key come from?



    --
    john r pierce N 37, W 122
    santa cruz ca mid-left coast
  • Condor at Aug 22, 2011 at 6:21 pm

    On Mon, 22 Aug 2011 10:54:23 -0700, John R Pierce wrote:
    On 08/22/11 10:34 AM, Condor wrote:

    I did not worry about hackers attack, I worrying how to secure data
    if I physical loss hard drives or server.
    so when this remote server reboots, where does the encryption key
    come from?



    --
    john r pierce N 37, W 122
    santa cruz ca mid-left coast

    Mount over NFS ?

    R.
  • Gary Chambers at Aug 22, 2011 at 6:26 pm

    so when this remote server reboots, where does the encryption key come
    from?
    Why, from a file that resides in /root on the server, of course! :-)
    That's secure, right?

    -- Gary Chambers
  • Condor at Aug 23, 2011 at 6:25 am

    On Mon, 22 Aug 2011 14:20:00 -0400 (EDT), Gary Chambers wrote:
    so when this remote server reboots, where does the encryption key
    come
    from?
    Why, from a file that resides in /root on the server, of course! :-)
    That's secure, right?

    -- Gary Chambers
    Isn't necessary to be on the same server. The key can be stored
    somewhere
    on NFS for example, if you loss the server, they cant access the key
    because
    server wont have access to local NFS storage.
    Another example, can be stored over flash memory and when server is
    restarted the monitor guy insert flash memory. It's have so many
    variants.
    I did not understand what is the point of your comment.


    R.
  • Chris Travers at Aug 22, 2011 at 6:21 pm

    On Mon, Aug 22, 2011 at 10:34 AM, Condor wrote:

    I did not worry about hackers attack, I worrying how to secure data
    if I physical loss hard drives or server. Let's just imagine that you have
    a server and you store on it important data like credit cards, bank acc,
    password, clients names, addresses, social numbers, phone numbers and
    some think like that ... very important information. When front end is
    secured Im worry if I loss hard drives or server. I think if some one
    buy so expensive server is not necessary some one with gun to watching it.
    The best solution typically is to see how much of the stuff like
    credit card numbers you can avoid storing. Absence of the target is
    in fact the best way to keep the target secure.

    If yo must store credit card data, then the PCI-DSS requires that
    these be stored encrypted with proper key management controls in
    place. The key management controls are the hard part. Throwing
    together something that's PCI-DSS-compliant on the surface looks easy.
    Doing it right is surprisingly hard. On top of this you have to
    think about the fact that key management can become a significant
    issue. When you change keys, think about the level of work that
    requires on the part of the database server to decrypt stuff with the
    old key and encrypt it all with the new key....

    Best Wishes,
    Chris Travers
  • Michael Nolan at Aug 22, 2011 at 4:19 pm

    On Mon, Aug 22, 2011 at 3:40 AM, Condor wrote:

    Hello ppl,
    any one can tell me how I can secure linux server with database postgres
    for example ?
    Im thinking to make a cryptfs file system and to deploy database over the
    cryptfs. The problem
    here may will be when front end need any data for in/out cpus of the server
    will aways
    decrypt/encrypt data and performance will be very low.

    I remember a few months ago some one ask similar question about how he can
    crypt data that is
    stored on database and problem was the key. Key is stored on the same
    server if some one
    get access can decrypt data.

    Any one have some ideas how to make something like crypt bubble and to
    store database there ?
    Or something else ?


    --
    Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
    To make changes to your subscription:
    http://www.postgresql.org/**mailpref/pgsql-general<http://www.postgresql.org/mailpref/pgsql-general>
    Recently, as a test I created a database using encfs and ran some tests
    against the same database but unencrypted.

    In both cases the data was being stored on a 500 GB external hard drive
    connected via USB2 to an HP laptop running Linux Fedora 15.

    I found that the encrypted database ran 15-20% slower on PostgreSQL 9.0.4 on
    most queries.
    --
    Mike Nolan
  • Chris Travers at Aug 22, 2011 at 6:10 pm

    On Mon, Aug 22, 2011 at 1:40 AM, Condor wrote:
    Hello ppl,
    any one can tell me how I can secure linux server with database postgres for
    example ?
    Here are a few steps:
    1) Identify your environment. Focus on details. For example, this
    might be in a monitored server room where access is required to reach
    the physical server.
    2) Identify the security threats of that environment. In such an
    environment you have physical security threats which are handled
    through physical security, and network security threats which are
    handled through network security. The software might also have other
    security considerations.
    3) Identify a level of risk that is an acceptable tradeoff between
    security and usability.
    4) Create a plan along the general lines of that acceptable tradeoff.
    Im thinking to make a cryptfs file system and to deploy database over the
    cryptfs. The problem
    here may will be when front end need any data for in/out cpus of the server
    will aways
    decrypt/encrypt data and performance will be very low.
    And besides what does it buy you? What are you protecting against?
    I remember a few months ago some one ask similar question about how he can
    crypt data that is
    stored on database and problem was the key. Key is stored on the same server
    if some one
    get access can decrypt data.
    In general, trying to use cryptography-based security is a bad
    tradeoff. There are times when it is important but then the
    cryptographic management needs to be built in at every level. For
    example, the user might have a key which is used to decrypt the actual
    storage key. The thing is that has to be handled app-side, and unless
    you really have a good idea of what you are doing and why, chances are
    all you will succeed in doing is killing performance.

    I have looked at a very few cases where this is not a bad tradeoff.
    However those are pretty rare.

    Best Wishes,
    Chris Travers

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppgsql-general @
categoriespostgresql
postedAug 22, '11 at 8:40a
activeAug 23, '11 at 6:25a
posts10
users6
websitepostgresql.org
irc#postgresql

People

Translate

site design / logo © 2022 Grokbase