Room: DMS 1120
An often requested capability is transparent data encryption, where the bulk of the data is encrypted on the filesystem by the database engine. While this addresses only a limited number of attack vectors, it’s often called for by certain standards organizations.
An effort is ongoing in the PostgreSQL community to provide a TDE solution. This necessarily involves a level of key management in the database server along with the ability to actually encrypt the data pages and the write ahead log as they’re being written out.
This talk will cover the current state of the TDE work for PostgreSQL- what’s been accomplished thus far and what the next steps are.