Chapter 32. Enhanced Security

Chapter 32. Enhanced Security
Prev	Up	Part III. Server Administration	Home	Next

Table of Contents

32.1. Memory Purge

32.1.1. Deleting Files from External Memory
32.1.2. Page Cleanup
32.1.3. Clearing Random-Access Memory
32.1.4. Cleaning up WAL Files

32.2. Integrity Checks

32.2.1. Overview
32.2.2. Checking Integrity at Server Startup
32.2.3. Scheduling Integrity Checks

32.3. Separation of Duties between Privileged DBMS Users

32.3.1. Overview
32.3.2. Creation of Additional Administrators
32.3.3. Revoking Superuser Access

32.4. Restricting DBMS Administrator's Data Access

32.4.1. Overview
32.4.2. Creating Administrators and Managers of the DB Secured Schema
32.4.3. Creating a Table in the Secured Schema
32.4.4. Moving a Table to the Secured Schema
32.4.5. Permitting Access to a Protected Table
32.4.6. Checking Access: Filling in a Protected Table
32.4.7. Changes Made to an Export Application
32.4.8. Changes Made to the Integrity-check Utility

This chapter describes enhanced security mechanisms available in the certified edition of Postgres Pro Enterprise. Moreover, Postgres Pro Enterprise provides the following native security tools:

The pg_proaudit extension enables detailed logging of various security events.
Advanced authentication policies allow you to restrict database usage and enforce password requirements by assigning profiles to roles. For details on profiles, see CREATE PROFILE. The catalog pg_profile lists all profiles available for your cluster.
Transparent Data Encryption (TDE) feature that enables page level encryption in Postgres Pro Enterprise with the pgpro_tde extension.

Prev	Up	Next
31.4. Extensibility	Home	32.1. Memory Purge