Secure PostgreSQL deployment

Magnus Hagander

From East 2010 Speakers

PostgreSQL supports several options for securing communications when deployed outside the typical webserver/database combination. This talk will go into some details about the features that make this possible, with some extra focus on the changes in 8.4. The main areas discussed are:

* Securing the channel between client and server using SSL, including an overview of the threats and how to secure against them

* Securing the login process, using LDAP, Kerberos or SSL certificates, including the use of smartcards to log into the database

The talk will not focus on security and access control inside the database once the user is connected and authenticated.

Secure PostgreSQL deployments upd_v9.pdf2.09 MB