title

text

Ibrar Ahmed
Ibrar Ahmed Percona LLC
12:05 01 March
45 мин

All about PostgreSQL Security

PostgreSQL provides different levels of security. This talk will cover all the available security techniques used in PostgreSQL 13. We’ll look at client-side security (LibPq, JDBC) through to server-side security. It will cover all supported authentication methods and the pros and cons of all these methods. Some of the key features of the talk are:

  • Introduction to Cryptography
  • SSL, TLS, GSSAPI, and OpenSSL
  • Client-Side Encryption
  • Securing Authentication
  • Securing Data on the disk
  • Securing Backup & Basebackup
  • Securing Replication
  • Database Roles and Privileges

It’s important to be familiar with all the security levels such as (1)network-level security (2) on-disk security (3) row-level, (4), and column level security. The talk will cover all the aspects with some real-life use cases and examples.

Видео

Другие доклады

  • Egor Rogov
    Egor Rogov Postgres Professional
    45 мин

    What's new in Postgres Professional training courses

    Our company's educational projects are intended to facilitate learning of PostgreSQL. Last year, we focused on courses for application developers: we updated DEV1 basic course and released a brand new DEV2 course. What has changed in training materials representation, how we see the further development of the courses and what else do we have besides the courses, whether the courses for DBAs will be updated and how this will affect the certification and that's what I will talk about.

  • Alexey Fadeev
    Alexey Fadeev Sibedge
    22 мин

    Multicorn Foreign Data Wrapper vs plpython

    Multicorn technology allows you to develop FDWs in Python, which is much easier and faster than creating FDWs in C. However, there is a downside, Multicorn FDWs work well with primitive WHERE conditions, but more complex cases cause difficulties, which I will talk about. Cases will be considered on the example of my Multicorn FDW for getting OpenStreetMap data. I will also show examples of using the same code in Multicorn FDW and plpython functions, including performance comparison. In conclusion, I will share my findings on when it is better to use plpython, and when Multicorn FDW is more preferable.

  • Dmitry Ursegov
    Dmitry Ursegov Postgres Professional
    45 мин

    Shardman - the native approach to sharding in PostgreSQL

    The amount of data that is handled today by Enterprises and Web companies is constantly growing. At the same time, it becomes increasingly difficult to have and synchronize several copies of data in different systems. As a result there is a demand to work with large amounts of data directly in a transactional DBMS. This requirement is often imposed by the logic of applications that need real-time results. In this talk we will consider what a universal distributed transactional DBMS can be. We will analyze such aspects as the types of load and their prioritization, dynamic resource allocation and the level of consistency. What tools in PostgreSQL can be used to build such system, what we have already done and what is still missing.

  • Robert Bernier
    Robert Bernier Percona
    45 мин

    pg_upgrade, Advanced Techniques

    When it comes to performing postgres upgrades between major versions the command line utility pg_upgrade is the most popular method used today. But as with all things wonderful, there are caveats. One of the more critical issues is what to do when there's a failure. The purpose of this talk is to present those little covered "tricks" of the trade that allows one to improve and enhance the upgrade experience.

    We'll start out by reviewing its basic mode operation. We'll then learn what makes it so darn fast when upgrading multi-terabyte datacluster in a matter of minutes. Finally, you will be introduced to those feared failures and how to deal with them with confidence and certainty.

    Herein is a summary of the topics in this talk:

    • How pg_upgrade works: the big picture
    • About pgupgrade (comand line invocation)

      • arguments and options

    • The steps performing an upgrade
    • About the replication ROLE

      • with replication
      • with login

    • Upgrade options: COPY vs Hard Link
    • Post-upgrade

      • about performance
      • aboutanalyze
      • repack
      • reindexing

    • When something goes wrong at the point of no return (or is it?)
    • Upgrading the REPLICA
      • default method: pg_basebackup
      • the cool method:
        • - leveraging rsync
        • caveat; about vacuum wraparound