Presented by:

4327055f5cebef343e46341d95f944af

Abbas Butt

EnterpriseDB

Abbas Butt (abbas.butt@enterprisedb.com) is a Senior Software Architect at EnterpriseDB.
He has been working for EnterpriseDB since Jan 2011.
He has over 20 years of product development experience.

  • Currently working on
    • Migration Portal for online schema migration from Oracle to PostgreSQL
    • xDB and EPRS Replication Server
  • Previously worked on
    • XA Compliance for PostgreSQL
    • Porting a Telecom operator's Tuxedo based application from Oracle to PPAS
    • Postgres-XC
    • Packages for IBM DB2
      • UTL_ENCODE
      • UTL_TCP
      • UTL_SMTP
      • UTL_MAIL
    • Hospital Management System
    • Tele-medicine & Video Conferencing
    • Electronic Stethoscope
    • Accounts Management System
    • Payphone Management System
    • IVR based Telecom Billing System
    • Voice Communication System
    • Mobile Observer Unit Automation
    • 8051 micro controller based payphone

https://pk.linkedin.com/in/abbasbutt

No video of the event yet, sorry!

This tutorial will explore the options that are available for data security in PostgreSQL version 12 on Linux. The tutorial will go into reasonable details. For each topic the tutorial will provide detailed steps required for setup and testing.
The main topics that will be discussed are as follows:

  1. Introduction to Cryptography
  2. SSL, TLS, GSSAPI and OpenSSL
  3. Client Side Encryption
    3.1. Using libpq and OpenSSL in a C Application
    3.2. Using JDBC in a Java Application
  4. Securing Authentication
    4.1. Using SCRAM
    4.2. Using SSL Certificates
    4.3. Other options in pg_hba.conf
  5. Securing Data over the Network
    5.1. Using SSL
    5.2. Using GSSAPI
  6. Securing Data on the disk
    6.1. Using pgcrypto
    6.2. Using eCryptfs
    6.3. Using EncFS
    6.4. Using dm-crypt
  7. Securing Backup & Basebackup
  8. Securing Synchronous Replication
  9. Securing Logical Replication
  10. Database Roles and Privileges
  11. Row Level Security

This tutorial will NOT cover the following topics:
a) Auditing, Monitoring & Key Management
b) Compliance and Security Standards
c) Impact of encryption on performance

Date:
2020 March 26 14:00
Duration:
3 h
Room:
Wilder
Conference:
Postgres Conference 2020
Language:
Track:
Ops and Administration
Difficulty:
Medium
Requires Registration:
Yes (Registered: 0/30)