PGCon2010 - Final Release III

PGCon 2010
The PostgreSQL Conference

Stephen Frost
Day Tutorials - 2 - 2010-05-19
Room DMS 1110
Start time 13:00
Duration 03:00
ID 242
Event type Workshop
Track Tutorial
Language used for presentation English

PostgreSQL Access Controls (AuthN, AuthZ, Perms)

Controlling Access to your database- Roles; Kerberos, LDAP, SSL, RADIUS(!); Database Permissions

An introduction and thorough review of access control in PostgreSQL. All access control will be covered, but special attention will be paid to new features and changes in 8.5. This will include both System Admin configuration specifics (hba.conf) and Database Admin permissions (GRANT system).

PostgreSQL offers many options for controlling access, from authentication and log in to the role system and finally the hierarchy of authorization to specific resources. System Administrators and Database Administrators need to understand these complexities to ensure their system is both robust and secure. With 8.5 there have been some changes to existing options and new capabilities (RADIUS support). We will go through all of the authentication options that PostgreSQL offers, focusing on RADIUS (new in 8.5) and enterprise-wide authentication schemes (Kerberos, LDAP, SSL), then walk through setting up roles following best practices and privilege separation, and finally go through the privilege system from database-level down to column-level.