Chapter 31. Enhanced Security

Chapter 31. Enhanced Security
Prev	Up	Part III. Server Administration	Home	Next

Chapter 31. Enhanced Security

Table of Contents

31.1. Memory Purge

31.1.1. Deleting Files from External Memory
31.1.2. Page Cleanup
31.1.3. Clearing Random-Access Memory
31.1.4. Cleaning up WAL Files

31.2. Integrity Checks

31.2.1. Overview
31.2.2. Checking Integrity at Server Startup
31.2.3. Scheduling Integrity Checks

31.3. Separation of Duties between Privileged DBMS Users

31.3.1. Overview
31.3.2. Creation of Additional Administrators
31.3.3. Revoking Superuser Access

31.4. Restricting DBMS Administrator's Data Access

31.4.1. Overview
31.4.2. Creating Administrators and Managers of the DB Secured Schema
31.4.3. Creating a Table in the Secured Schema
31.4.4. Moving a Table to the Secured Schema
31.4.5. Permitting Access to a Protected Table
31.4.6. Checking Access: Filling in a Protected Table
31.4.7. Changes Made to a Backup Application
31.4.8. Changes Made to the Integrity-check Utility

This chapter describes enhanced security mechanisms available in the certified edition of Postgres Pro Enterprise. Moreover, Postgres Pro Enterprise provides the following native security tools:

The pg_proaudit extension enables detailed logging of various security events.
Advanced authentication policies allow you to restrict database usage and enforce password requirements by assigning profiles to roles. For details on profiles, see CREATE PROFILE. The catalog pg_profile lists all profiles available for your cluster.

Prev	Up	Next
30.4. Extensibility	Home	31.1. Memory Purge