[ale] [OT] securing sensitive data

Danny Cox danscox at mindspring.com
Fri Jan 23 20:54:23 EST 2004


On Fri, 2004-01-23 at 14:13, J.M. Taylor wrote:
> My second quandry is, how on earth do I protect both shared and 
> individualized sensitive data?  Would just a shared secret key and 2-way 
> encryption be enough for the shared data?   

	Back a couple of years ago, when I was doing Ingres consulting and we
had wood burning computers ;-):

	Ingres had permissions for both users and groups, and roles.  For any
table or view, you could grant select/update/delete/insert permissions
to users, groups, and roles.

	The users and groups you understand.  They're just like the Linux
ones.  Roles were cute: a process (the cannonical meaning) could be
granted a "role" of X, where X was a previously created arbitary name. 
That role, then acted like a user, gaining or being denied the 4
permissions.

	One cool idea was: deny all access to a table.  Then create views of
that table, and grant users, groups, or roles permissions on the
individual views.  You had lots of flexibility that way, hiding certain
columns, and exposing others.

	Now, I have no idea if PostgreSQL has GRANTs or ROLEs or not, but if it
does, or if MySQL does, then that's an option to consider.

-- 
kernel, n.: A part of an operating system that preserves the
medieval traditions of sorcery and black art.

Danny



More information about the Ale mailing list