MLS PostgreSQL: Implementing Multi-level Security in PostgreSQL with RLS and SELinux
Joe Conway is an innovative leader with broad experience in a wide array of disciplines and extensive international business exposure. He has been involved with the PostgreSQL community since 1998, presently as a PostgreSQL Committer, Major Contributor, and Infrastructure Team member. He is also the author and maintainer of a PostgreSQL procedural language handler for the R language, PL/R. Joe is currently VP PostgreSQL Engineering at Crunchy Data Solutions and a Board Member at the United States PostgreSQL Association (PgUS).
No video of the event yet, sorry!
PostgreSQL 9.5 has a new feature called Row Level Security (RLS). Using RLS, a PostgreSQL extension called sepgsql (somewhat modified), and Security Enhanced Linux (SELinux) configured properly, it is possible to create a Multi-level Security database. This talk will describe how it can be done, including: Overview/Use-case Solution Components * RLS * SELinux * sepgsql Configuration and Setup * Operating System/Networking/SELinux * sepgsql * Database schema/DDL Results * Authentication * Query * DML * Performance
- 30 min
- PGConf US 2016 [PgConf.US]