Re: Making the DB secure
| От | Sean Davis |
|---|---|
| Тема | Re: Making the DB secure |
| Дата | |
| Msg-id | 6afc7d70fc0540b0baaad51978948de0@mail.nih.gov обсуждение исходный текст |
| Ответ на | Making the DB secure (Együd Csaba <csegyud@vnet.hu>) |
| Ответы |
Re: Making the DB secure
|
| Список | pgsql-general |
On Jun 17, 2005, at 8:49 AM, Együd Csaba wrote: > Hi, > we plan to make available our database from the internet (direct tcp/ip > based connections). We want to make it as secure as possible. There > are a > few users who could access the database, but we want to block any other > users to access. > > Our plans are: > - using encripted (ssl) connections - since sensitive (medical) > personal > information are stored. > (How to setup this? What do we need on server side, and what on > client > side?) > - using pg_hba.conf to configure authentication method and IP filters > - forcing our users to change their passwords frequently > - applying strong password policy (long pw, containing > upper/lowercase > characters and numbers) > > Could anybody suggest us something more valuable features in postgres > to > improve the security? > Regarding SSL, I'd like to know how to use it correctly. What we have > to do > on the server to accept ssl connections, and what kind of client > softwares > are required. > > Many thanks, > > -- Csaba Együd It sounds like you might want to think about hiring a consultant to help out here--what do others think? With medical information, this is not something you want to get wrong. Sean
В списке pgsql-general по дате отправления: