Secure PostgreSQL Deployment

Magnus Hagander

From PostgreSQL Conference West Speakers

PostgreSQL supports several options for securing communications when deployed outside the typical webserver/database combination. This talk will go into some details about the features that make this possible, with some extra focus on the changes in 8.4. The main areas discussed are: * Securing the channel between client and server using SSL, including an overview of the threats and how to secure against them * Securing the login process, using LDAP, Kerberos or SSL certificates, including the use of smartcards to log into the database The talk will not focus on security and access control inside the database once the user is connected and authenticated.