Securing Your Data on Postgres
Working as DBA at OmniTI since June 2013. Had previously interned here in 2012 and was introduced to the beautiful world of PostgreSQL.
CS Master's student at University of Maryland, Baltimore County.
Did my B.E in CS at Panjab University, India.
No video of the event yet, sorry!
This talk will cover the various features that Postgres provides for data security, from the very basic to the most advanced.
While most applications are aware of the minimum basic security features and use them, there is often a lack of understanding about how best to manage them, especially with major security features being released with every major version of Postgres. As for advanced features, sadly most of them go unnoticed and unused in most cases. The topics I will cover are:
- Host Based Authentication in Postgres and how it differs from the way other RDBMS manage users and authentications, especially MySQL.
- Peculiarities of Postgres in permissions and ACL.
- Setting up and using SSL/TLS for connections and certificate management
- Row-level security
- Event triggers
- Implementing PCI security standards for storing credit card data.
- Using appropriate filesystem permissions
- Encrypting your data stored in Postgres
- Implementing table level auditing with minimal storage requirements within the database, and other alternatives for auditing.
- Reviewing and rejecting SQL injections
- Other PostgreSQL security features
- Upcoming security features in Postgres 10
- Features that Postgres currently lacks
I will also discuss recommended monitoring to ensure security implementations set up are working as intended, especially with PCI.
- 50 min
- PGConf Local: Philly 2017 [PgConf.US]