SlideShare a Scribd company logo

Postgres seminar

M
mahsanaru

This document summarizes security concepts in PostgreSQL including authentication, roles, and row-level security. It begins with an introduction comparing PostgreSQL and MySQL. Authentication methods in PostgreSQL include password, peer, and LDAP authentication configured via pg_hba.conf. Roles in PostgreSQL define privileges and inheritance and include attributes like SUPERUSER, LOGIN, and INHERIT. Row-level security controls access at the row level and examples demonstrate how to configure policies and the default policy.

Engineering
1 of 25
Download to read offline
Security in PostgreSQL Presented by Mahsa Monem and Majid Mobini under supervision of Dr. Dorri Database Security Course, Tarbiat Modares University, Fall 2018 https://www.aparat.com/v/BDVoz
Contents • Introduction (PostgreSQL vs MySQL) • Authentication • Roles • Row Level Security
PostgreSQL vs MySQL • MySQL is a relational database management system whereas, PostgresSQL is ORDBMS (object-relational database management system) ✓ user defined structured data 2
PostgreSQL vs MySQL • MySQL is a relational database management system whereas, PostgresSQL is ORDBMS (object-relational database management system) ✓ user defined structured data ✓ table inheritance 3
PostgreSQL vs MySQL • GUI: phpMyAdmin vs pgAdmin 4
PostgreSQL vs MySQL • PostgreSQL provide data domain object. 5
PostgreSQL vs MySQL • MySQL provides temporary tables but does not provide materialized view. However, PostgreSQL provides temporary table and also the materialized view. ✓ In MySQL, a temporary table is a special type of table that allows you to store a temporary result set, which you can reuse several times in a single session. A temporary table is very handy when it is impossible or expensive to query data that requires a single SELECT statement with the JOIN clauses. ✓ A MatView is in between a view and a table. Basically it’s built with a query referring to one or more tables, and the results are stored physically, making it acting like a cache. 6
Contents • Introduction (PostgreSQL vs MySQL) • Authentication • Roles • Row Level Security
Authentication • Trust authentication (single-user workstation) • Peer authentication - Map: Allows for mapping between system and database user names • Ident authentication - obtaining the client's operating system user name from an ident server and using it as the allowed database user name • Password authentication (password, md5, scram-sha-256) • LDAP authentication 9
Authentication (pg_hba.conf) 10 
 Apply changes by: - Restart PostgreSQL service - SELECT pg_realod_conf( ) ; 

Contents • Introduction (PostgreSQL vs MySQL) • Authentication • Roles • Row Level Security
ROLES • Role concept - a role can be considered a “user”, a “group”, or both depending on how it is used. ✓ SUPERUSER vs NOSUPERUSER ✓ CREATEDB vs NOCREATEDB ✓ CREATEROLE vs NOCREATEROLE 13
ROLES ✓ LOGIN vs NOLOGIN These clauses determine whether a role is allowed to log in; that is, whether the role can be given as the initial session authorization name during client connection. A role having the LOGIN attribute can be thought of as a user. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. 14
ROLES ✓ INHERIT vs NOINHERIT These clauses determine whether a role “inherits” the privileges of roles it is a member of. A role with the INHERIT attribute can automatically use whatever database privileges have been granted to all roles it is directly or indirectly a member of. Without INHERIT, membership in another role only grants the ability to SET ROLE to that other role; the privileges of the other role are only available after having done so. ✓ BYPASSRLS vs NOBYPASSRLS 15
ROLES 16
ROLES 17
Contents • Introduction (PostgreSQL vs MySQL) • Authentication • Roles • Row Level Security
ROW LEVEL SECURITY 19
ROW LEVEL SECURITY 20
ROW LEVEL SECURITY • BYPASSRLS • Table Owner - ALTER TABLE accounts FORCE ROW LEVEL SECURITY; • Default Policy 21
ROW LEVEL SECURITY - EXAMPLE 22
ROW LEVEL SECURITY - EXAMPLE 23
References • https://www.postgresql.org/docs/10/auth-methods.html • https://www.postgresql.org/docs/10/sql-createrole.html • https://www.postgresql.org/docs/10/user-manag.html • https://www.postgresql.org/docs/10/role-membership.html • https://www.postgresql.org/docs/9.5/ddl-rowsecurity.html • https://www.percona.com/live/18/sessions/securing-your-data-on-postgresql • https://medium.com/jobteaser-dev-team/materialized-views-with-postgresql-for- beginners-9809483db35f • https://stackoverflow.com/questions/45865961/what-does-postgresql-to-be-ordbms-mean 24

Recommended

Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQL
EDB
 
Postgresql
PostgresqlPostgresql
Postgresql
NexThoughts Technologies
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQL
EDB
 
Getting started with postgresql
Getting started with postgresqlGetting started with postgresql
Getting started with postgresql
botsplash.com
 
ProxySQL for MySQL
ProxySQL for MySQLProxySQL for MySQL
ProxySQL for MySQL
Mydbops
 
PGEncryption_Tutorial
PGEncryption_TutorialPGEncryption_Tutorial
PGEncryption_Tutorial
Vibhor Kumar
 
Introduction to PostgreSQL
Introduction to PostgreSQLIntroduction to PostgreSQL
Introduction to PostgreSQL
Joel Brewer
 
NoSQL databases
NoSQL databasesNoSQL databases
NoSQL databases
Harri Kauhanen
 

Recommended

Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQL
EDB
 
Postgresql
PostgresqlPostgresql
Postgresql
NexThoughts Technologies
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQL
EDB
 
Getting started with postgresql
Getting started with postgresqlGetting started with postgresql
Getting started with postgresql
botsplash.com
 
ProxySQL for MySQL
ProxySQL for MySQLProxySQL for MySQL
ProxySQL for MySQL
Mydbops
 
PGEncryption_Tutorial
PGEncryption_TutorialPGEncryption_Tutorial
PGEncryption_Tutorial
Vibhor Kumar
 
Introduction to PostgreSQL
Introduction to PostgreSQLIntroduction to PostgreSQL
Introduction to PostgreSQL
Joel Brewer
 
NoSQL databases
NoSQL databasesNoSQL databases
NoSQL databases
Harri Kauhanen
 
No sqlpresentation
No sqlpresentationNo sqlpresentation
No sqlpresentation
Salma Gouia
 
Introduction to PostgreSQL
Introduction to PostgreSQLIntroduction to PostgreSQL
Introduction to PostgreSQL
Jim Mlodgenski
 
Security Best Practices for your Postgres Deployment
Security Best Practices for your Postgres DeploymentSecurity Best Practices for your Postgres Deployment
Security Best Practices for your Postgres Deployment
PGConf APAC
 
PostgreSQL Security. How Do We Think?
PostgreSQL Security. How Do We Think?PostgreSQL Security. How Do We Think?
PostgreSQL Security. How Do We Think?
Ohyama Masanori
 
MariaDB Performance Tuning and Optimization
MariaDB Performance Tuning and OptimizationMariaDB Performance Tuning and Optimization
MariaDB Performance Tuning and Optimization
MariaDB plc
 
Oracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12cOracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12c
Nabeel Yoosuf
 
OpenGurukul : Database : PostgreSQL
OpenGurukul : Database : PostgreSQLOpenGurukul : Database : PostgreSQL
OpenGurukul : Database : PostgreSQL
Open Gurukul
 
MySQL 상태 메시지 분석 및 활용
MySQL 상태 메시지 분석 및 활용MySQL 상태 메시지 분석 및 활용
MySQL 상태 메시지 분석 및 활용
I Goo Lee
 
Mastering PostgreSQL Administration
Mastering PostgreSQL AdministrationMastering PostgreSQL Administration
Mastering PostgreSQL Administration
EDB
 
Oracle to Postgres Migration - part 2
Oracle to Postgres Migration - part 2Oracle to Postgres Migration - part 2
Oracle to Postgres Migration - part 2
PgTraining
 
Introduction to NoSQL
Introduction to NoSQLIntroduction to NoSQL
Introduction to NoSQL
PolarSeven Pty Ltd
 
Cassandra
CassandraCassandra
Cassandra
Upaang Saxena
 
Learning postgresql
Learning postgresqlLearning postgresql
Learning postgresql
DAVID RAUDALES
 
What is new in PostgreSQL 14?
What is new in PostgreSQL 14?What is new in PostgreSQL 14?
What is new in PostgreSQL 14?
Mydbops
 
Introduction to DGraph - A Graph Database
Introduction to DGraph - A Graph DatabaseIntroduction to DGraph - A Graph Database
Introduction to DGraph - A Graph Database
Knoldus Inc.
 
PostgreSQL
PostgreSQLPostgreSQL
PostgreSQL
Amazon Web Services
 
Encrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptx
Encrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptxEncrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptx
Encrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptx
Neo4j
 
OrientDB
OrientDBOrientDB
OrientDB
aemadrid
 
NOSQL- Presentation on NoSQL
NOSQL- Presentation on NoSQLNOSQL- Presentation on NoSQL
NOSQL- Presentation on NoSQL
Ramakant Soni
 
Postgresql tutorial
Postgresql tutorialPostgresql tutorial
Postgresql tutorial
Ashoka Vanjare
 
PostgreSQL- An Introduction
PostgreSQL- An IntroductionPostgreSQL- An Introduction
PostgreSQL- An Introduction
Smita Prasad
 
PostgreSQL, MongoDb, Express, React, Structured
PostgreSQL, MongoDb, Express, React, StructuredPostgreSQL, MongoDb, Express, React, Structured
PostgreSQL, MongoDb, Express, React, Structured
priya951125
 

More Related Content

What's hot

No sqlpresentation
No sqlpresentationNo sqlpresentation
No sqlpresentation
Salma Gouia
 
Introduction to PostgreSQL
Introduction to PostgreSQLIntroduction to PostgreSQL
Introduction to PostgreSQL
Jim Mlodgenski
 
Security Best Practices for your Postgres Deployment
Security Best Practices for your Postgres DeploymentSecurity Best Practices for your Postgres Deployment
Security Best Practices for your Postgres Deployment
PGConf APAC
 
PostgreSQL Security. How Do We Think?
PostgreSQL Security. How Do We Think?PostgreSQL Security. How Do We Think?
PostgreSQL Security. How Do We Think?
Ohyama Masanori
 
MariaDB Performance Tuning and Optimization
MariaDB Performance Tuning and OptimizationMariaDB Performance Tuning and Optimization
MariaDB Performance Tuning and Optimization
MariaDB plc
 
Oracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12cOracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12c
Nabeel Yoosuf
 
OpenGurukul : Database : PostgreSQL
OpenGurukul : Database : PostgreSQLOpenGurukul : Database : PostgreSQL
OpenGurukul : Database : PostgreSQL
Open Gurukul
 
MySQL 상태 메시지 분석 및 활용
MySQL 상태 메시지 분석 및 활용MySQL 상태 메시지 분석 및 활용
MySQL 상태 메시지 분석 및 활용
I Goo Lee
 
Mastering PostgreSQL Administration
Mastering PostgreSQL AdministrationMastering PostgreSQL Administration
Mastering PostgreSQL Administration
EDB
 
Oracle to Postgres Migration - part 2
Oracle to Postgres Migration - part 2Oracle to Postgres Migration - part 2
Oracle to Postgres Migration - part 2
PgTraining
 
Introduction to NoSQL
Introduction to NoSQLIntroduction to NoSQL
Introduction to NoSQL
PolarSeven Pty Ltd
 
Cassandra
CassandraCassandra
Cassandra
Upaang Saxena
 
Learning postgresql
Learning postgresqlLearning postgresql
Learning postgresql
DAVID RAUDALES
 
What is new in PostgreSQL 14?
What is new in PostgreSQL 14?What is new in PostgreSQL 14?
What is new in PostgreSQL 14?
Mydbops
 
Introduction to DGraph - A Graph Database
Introduction to DGraph - A Graph DatabaseIntroduction to DGraph - A Graph Database
Introduction to DGraph - A Graph Database
Knoldus Inc.
 
PostgreSQL
PostgreSQLPostgreSQL
PostgreSQL
Amazon Web Services
 
Encrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptx
Encrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptxEncrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptx
Encrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptx
Neo4j
 
OrientDB
OrientDBOrientDB
OrientDB
aemadrid
 
NOSQL- Presentation on NoSQL
NOSQL- Presentation on NoSQLNOSQL- Presentation on NoSQL
NOSQL- Presentation on NoSQL
Ramakant Soni
 
Postgresql tutorial
Postgresql tutorialPostgresql tutorial
Postgresql tutorial
Ashoka Vanjare
 

What's hot (20)

No sqlpresentation
No sqlpresentationNo sqlpresentation
No sqlpresentation
 
Introduction to PostgreSQL
Introduction to PostgreSQLIntroduction to PostgreSQL
Introduction to PostgreSQL
 
Security Best Practices for your Postgres Deployment
Security Best Practices for your Postgres DeploymentSecurity Best Practices for your Postgres Deployment
Security Best Practices for your Postgres Deployment
 
PostgreSQL Security. How Do We Think?
PostgreSQL Security. How Do We Think?PostgreSQL Security. How Do We Think?
PostgreSQL Security. How Do We Think?
 
MariaDB Performance Tuning and Optimization
MariaDB Performance Tuning and OptimizationMariaDB Performance Tuning and Optimization
MariaDB Performance Tuning and Optimization
 
Oracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12cOracle Transparent Data Encryption (TDE) 12c
Oracle Transparent Data Encryption (TDE) 12c
 
OpenGurukul : Database : PostgreSQL
OpenGurukul : Database : PostgreSQLOpenGurukul : Database : PostgreSQL
OpenGurukul : Database : PostgreSQL
 
MySQL 상태 메시지 분석 및 활용
MySQL 상태 메시지 분석 및 활용MySQL 상태 메시지 분석 및 활용
MySQL 상태 메시지 분석 및 활용
 
Mastering PostgreSQL Administration
Mastering PostgreSQL AdministrationMastering PostgreSQL Administration
Mastering PostgreSQL Administration
 
Oracle to Postgres Migration - part 2
Oracle to Postgres Migration - part 2Oracle to Postgres Migration - part 2
Oracle to Postgres Migration - part 2
 
Introduction to NoSQL
Introduction to NoSQLIntroduction to NoSQL
Introduction to NoSQL
 
Cassandra
CassandraCassandra
Cassandra
 
Learning postgresql
Learning postgresqlLearning postgresql
Learning postgresql
 
What is new in PostgreSQL 14?
What is new in PostgreSQL 14?What is new in PostgreSQL 14?
What is new in PostgreSQL 14?
 
Introduction to DGraph - A Graph Database
Introduction to DGraph - A Graph DatabaseIntroduction to DGraph - A Graph Database
Introduction to DGraph - A Graph Database
 
PostgreSQL
PostgreSQLPostgreSQL
PostgreSQL
 
Encrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptx
Encrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptxEncrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptx
Encrypting and Protecting Your Data in Neo4j(Jeff_Tallman).pptx
 
OrientDB
OrientDBOrientDB
OrientDB
 
NOSQL- Presentation on NoSQL
NOSQL- Presentation on NoSQLNOSQL- Presentation on NoSQL
NOSQL- Presentation on NoSQL
 
Postgresql tutorial
Postgresql tutorialPostgresql tutorial
Postgresql tutorial
 

Similar to Postgres seminar

PostgreSQL- An Introduction
PostgreSQL- An IntroductionPostgreSQL- An Introduction
PostgreSQL- An Introduction
Smita Prasad
 
PostgreSQL, MongoDb, Express, React, Structured
PostgreSQL, MongoDb, Express, React, StructuredPostgreSQL, MongoDb, Express, React, Structured
PostgreSQL, MongoDb, Express, React, Structured
priya951125
 
Relational RDBMS : MySQL, PostgreSQL and SQL SERVER
Relational RDBMS : MySQL, PostgreSQL and SQL SERVERRelational RDBMS : MySQL, PostgreSQL and SQL SERVER
Relational RDBMS : MySQL, PostgreSQL and SQL SERVER
Dalila Chouaya
 
Introduction to mongodb
Introduction to mongodbIntroduction to mongodb
Introduction to mongodb
Mohammed Ragab
 
A Practical Multi-Tenant Cluster
A Practical Multi-Tenant ClusterA Practical Multi-Tenant Cluster
A Practical Multi-Tenant Cluster
Command Prompt., Inc
 
Cloud architectural patterns and Microsoft Azure tools
Cloud architectural patterns and Microsoft Azure toolsCloud architectural patterns and Microsoft Azure tools
Cloud architectural patterns and Microsoft Azure tools
Pushkar Chivate
 
Data management in cloud study of existing systems and future opportunities
Data management in cloud study of existing systems and future opportunitiesData management in cloud study of existing systems and future opportunities
Data management in cloud study of existing systems and future opportunities
Editor Jacotech
 
Mongodb vs mysql
Mongodb vs mysqlMongodb vs mysql
Mongodb vs mysql
hemal sharma
 
Azure data platform overview
Azure data platform overviewAzure data platform overview
Azure data platform overview
Alessandro Melchiori
 
MongoDB
MongoDBMongoDB
MongoDB
fsbrooke
 
Why you should(n't) run your databases in the cloud
Why you should(n't) run your databases in the cloudWhy you should(n't) run your databases in the cloud
Why you should(n't) run your databases in the cloud
Microsoft TechNet - Belgium and Luxembourg
 
mongodb tutorial
mongodb tutorialmongodb tutorial
mongodb tutorial
Jaehong Park
 
NoSQL(NOT ONLY SQL)
NoSQL(NOT ONLY SQL)NoSQL(NOT ONLY SQL)
NoSQL(NOT ONLY SQL)
Rahul P
 
SQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George GrammatikosSQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George Grammatikos
George Grammatikos
 
NOSQL
NOSQLNOSQL
NOSQL
akbarashaikh
 
Database workshop - Encode | Bhuvan Gandhi | Vishwas Ganatra
Database workshop - Encode | Bhuvan Gandhi | Vishwas GanatraDatabase workshop - Encode | Bhuvan Gandhi | Vishwas Ganatra
Database workshop - Encode | Bhuvan Gandhi | Vishwas Ganatra
Bhuvan Gandhi
 
Azure cosmos db, Azure no-SQL database,
Azure cosmos db, Azure no-SQL database, Azure cosmos db, Azure no-SQL database,
Azure cosmos db, Azure no-SQL database,
BRIJESH KUMAR
 
NoSQL Database
NoSQL DatabaseNoSQL Database
NoSQL Database
Steve Min
 
Rise of NewSQL
Rise of NewSQLRise of NewSQL
Rise of NewSQL
Sushant Choudhary
 
Comparison between mongo db and cassandra using ycsb
Comparison between mongo db and cassandra using ycsbComparison between mongo db and cassandra using ycsb
Comparison between mongo db and cassandra using ycsb
sonalighai
 

Similar to Postgres seminar (20)

PostgreSQL- An Introduction
PostgreSQL- An IntroductionPostgreSQL- An Introduction
PostgreSQL- An Introduction
 
PostgreSQL, MongoDb, Express, React, Structured
PostgreSQL, MongoDb, Express, React, StructuredPostgreSQL, MongoDb, Express, React, Structured
PostgreSQL, MongoDb, Express, React, Structured
 
Relational RDBMS : MySQL, PostgreSQL and SQL SERVER
Relational RDBMS : MySQL, PostgreSQL and SQL SERVERRelational RDBMS : MySQL, PostgreSQL and SQL SERVER
Relational RDBMS : MySQL, PostgreSQL and SQL SERVER
 
Introduction to mongodb
Introduction to mongodbIntroduction to mongodb
Introduction to mongodb
 
A Practical Multi-Tenant Cluster
A Practical Multi-Tenant ClusterA Practical Multi-Tenant Cluster
A Practical Multi-Tenant Cluster
 
Cloud architectural patterns and Microsoft Azure tools
Cloud architectural patterns and Microsoft Azure toolsCloud architectural patterns and Microsoft Azure tools
Cloud architectural patterns and Microsoft Azure tools
 
Data management in cloud study of existing systems and future opportunities
Data management in cloud study of existing systems and future opportunitiesData management in cloud study of existing systems and future opportunities
Data management in cloud study of existing systems and future opportunities
 
Mongodb vs mysql
Mongodb vs mysqlMongodb vs mysql
Mongodb vs mysql
 
Azure data platform overview
Azure data platform overviewAzure data platform overview
Azure data platform overview
 
MongoDB
MongoDBMongoDB
MongoDB
 
Why you should(n't) run your databases in the cloud
Why you should(n't) run your databases in the cloudWhy you should(n't) run your databases in the cloud
Why you should(n't) run your databases in the cloud
 
mongodb tutorial
mongodb tutorialmongodb tutorial
mongodb tutorial
 
NoSQL(NOT ONLY SQL)
NoSQL(NOT ONLY SQL)NoSQL(NOT ONLY SQL)
NoSQL(NOT ONLY SQL)
 
SQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George GrammatikosSQL or NoSQL, is this the question? - George Grammatikos
SQL or NoSQL, is this the question? - George Grammatikos
 
NOSQL
NOSQLNOSQL
NOSQL
 
Database workshop - Encode | Bhuvan Gandhi | Vishwas Ganatra
Database workshop - Encode | Bhuvan Gandhi | Vishwas GanatraDatabase workshop - Encode | Bhuvan Gandhi | Vishwas Ganatra
Database workshop - Encode | Bhuvan Gandhi | Vishwas Ganatra
 
Azure cosmos db, Azure no-SQL database,
Azure cosmos db, Azure no-SQL database, Azure cosmos db, Azure no-SQL database,
Azure cosmos db, Azure no-SQL database,
 
NoSQL Database
NoSQL DatabaseNoSQL Database
NoSQL Database
 
Rise of NewSQL
Rise of NewSQLRise of NewSQL
Rise of NewSQL
 
Comparison between mongo db and cassandra using ycsb
Comparison between mongo db and cassandra using ycsbComparison between mongo db and cassandra using ycsb
Comparison between mongo db and cassandra using ycsb
 

Recently uploaded

Material for memory and display system h
Material for memory and display system hMaterial for memory and display system h
Material for memory and display system h
gowrishankartb2005
 
Hematology Analyzer Machine - Complete Blood Count
Hematology Analyzer Machine - Complete Blood CountHematology Analyzer Machine - Complete Blood Count
Hematology Analyzer Machine - Complete Blood Count
shahdabdulbaset
 
Null Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAMNull Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAM
Divyanshu
 
artificial intelligence and data science contents.pptx
artificial intelligence and data science contents.pptxartificial intelligence and data science contents.pptx
artificial intelligence and data science contents.pptx
GauravCar
 
Curve Fitting in Numerical Methods Regression
Curve Fitting in Numerical Methods RegressionCurve Fitting in Numerical Methods Regression
Curve Fitting in Numerical Methods Regression
Nada Hikmah
 
BRAIN TUMOR DETECTION for seminar ppt.pdf
BRAIN TUMOR DETECTION for seminar ppt.pdfBRAIN TUMOR DETECTION for seminar ppt.pdf
BRAIN TUMOR DETECTION for seminar ppt.pdf
LAXMAREDDY22
 
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
ydzowc
 
Certificates - Mahmoud Mohamed Moursi Ahmed
Certificates - Mahmoud Mohamed Moursi AhmedCertificates - Mahmoud Mohamed Moursi Ahmed
Certificates - Mahmoud Mohamed Moursi Ahmed
Mahmoud Morsy
 
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
171ticu
 
Data Driven Maintenance | UReason Webinar
Data Driven Maintenance | UReason WebinarData Driven Maintenance | UReason Webinar
Data Driven Maintenance | UReason Webinar
UReason
 
Software Engineering and Project Management - Introduction, Modeling Concepts...
Software Engineering and Project Management - Introduction, Modeling Concepts...Software Engineering and Project Management - Introduction, Modeling Concepts...
Software Engineering and Project Management - Introduction, Modeling Concepts...
Prakhyath Rai
 
AI assisted telemedicine KIOSK for Rural India.pptx
AI assisted telemedicine KIOSK for Rural India.pptxAI assisted telemedicine KIOSK for Rural India.pptx
AI assisted telemedicine KIOSK for Rural India.pptx
architagupta876
 
Introduction to AI Safety (public presentation).pptx
Introduction to AI Safety (public presentation).pptxIntroduction to AI Safety (public presentation).pptx
Introduction to AI Safety (public presentation).pptx
MiscAnnoy1
 
Seminar on Distillation study-mafia.pptx
Seminar on Distillation study-mafia.pptxSeminar on Distillation study-mafia.pptx
Seminar on Distillation study-mafia.pptx
Madan Karki
 
Software Quality Assurance-se412-v11.ppt
Software Quality Assurance-se412-v11.pptSoftware Quality Assurance-se412-v11.ppt
Software Quality Assurance-se412-v11.ppt
TaghreedAltamimi
 
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
shadow0702a
 
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student MemberIEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
VICTOR MAESTRE RAMIREZ
 
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by AnantLLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
Anant Corporation
 
官方认证美国密歇根州立大学毕业证学位证书原版一模一样
官方认证美国密歇根州立大学毕业证学位证书原版一模一样官方认证美国密歇根州立大学毕业证学位证书原版一模一样
官方认证美国密歇根州立大学毕业证学位证书原版一模一样
171ticu
 
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.pptUnit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
KrishnaveniKrishnara1
 

Recently uploaded (20)

Material for memory and display system h
Material for memory and display system hMaterial for memory and display system h
Material for memory and display system h
 
Hematology Analyzer Machine - Complete Blood Count
Hematology Analyzer Machine - Complete Blood CountHematology Analyzer Machine - Complete Blood Count
Hematology Analyzer Machine - Complete Blood Count
 
Null Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAMNull Bangalore | Pentesters Approach to AWS IAM
Null Bangalore | Pentesters Approach to AWS IAM
 
artificial intelligence and data science contents.pptx
artificial intelligence and data science contents.pptxartificial intelligence and data science contents.pptx
artificial intelligence and data science contents.pptx
 
Curve Fitting in Numerical Methods Regression
Curve Fitting in Numerical Methods RegressionCurve Fitting in Numerical Methods Regression
Curve Fitting in Numerical Methods Regression
 
BRAIN TUMOR DETECTION for seminar ppt.pdf
BRAIN TUMOR DETECTION for seminar ppt.pdfBRAIN TUMOR DETECTION for seminar ppt.pdf
BRAIN TUMOR DETECTION for seminar ppt.pdf
 
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
原版制作(Humboldt毕业证书)柏林大学毕业证学位证一模一样
 
Certificates - Mahmoud Mohamed Moursi Ahmed
Certificates - Mahmoud Mohamed Moursi AhmedCertificates - Mahmoud Mohamed Moursi Ahmed
Certificates - Mahmoud Mohamed Moursi Ahmed
 
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样学校原版美国波士顿大学毕业证学历学位证书原版一模一样
学校原版美国波士顿大学毕业证学历学位证书原版一模一样
 
Data Driven Maintenance | UReason Webinar
Data Driven Maintenance | UReason WebinarData Driven Maintenance | UReason Webinar
Data Driven Maintenance | UReason Webinar
 
Software Engineering and Project Management - Introduction, Modeling Concepts...
Software Engineering and Project Management - Introduction, Modeling Concepts...Software Engineering and Project Management - Introduction, Modeling Concepts...
Software Engineering and Project Management - Introduction, Modeling Concepts...
 
AI assisted telemedicine KIOSK for Rural India.pptx
AI assisted telemedicine KIOSK for Rural India.pptxAI assisted telemedicine KIOSK for Rural India.pptx
AI assisted telemedicine KIOSK for Rural India.pptx
 
Introduction to AI Safety (public presentation).pptx
Introduction to AI Safety (public presentation).pptxIntroduction to AI Safety (public presentation).pptx
Introduction to AI Safety (public presentation).pptx
 
Seminar on Distillation study-mafia.pptx
Seminar on Distillation study-mafia.pptxSeminar on Distillation study-mafia.pptx
Seminar on Distillation study-mafia.pptx
 
Software Quality Assurance-se412-v11.ppt
Software Quality Assurance-se412-v11.pptSoftware Quality Assurance-se412-v11.ppt
Software Quality Assurance-se412-v11.ppt
 
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...
 
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student MemberIEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
 
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by AnantLLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
LLM Fine Tuning with QLoRA Cassandra Lunch 4, presented by Anant
 
官方认证美国密歇根州立大学毕业证学位证书原版一模一样
官方认证美国密歇根州立大学毕业证学位证书原版一模一样官方认证美国密歇根州立大学毕业证学位证书原版一模一样
官方认证美国密歇根州立大学毕业证学位证书原版一模一样
 
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.pptUnit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
Unit-III-ELECTROCHEMICAL STORAGE DEVICES.ppt
 

Postgres seminar

  • 1. Security in PostgreSQL Presented by Mahsa Monem and Majid Mobini under supervision of Dr. Dorri Database Security Course, Tarbiat Modares University, Fall 2018 https://www.aparat.com/v/BDVoz
  • 2. Contents • Introduction (PostgreSQL vs MySQL) • Authentication • Roles • Row Level Security
  • 3. PostgreSQL vs MySQL • MySQL is a relational database management system whereas, PostgresSQL is ORDBMS (object-relational database management system) ✓ user defined structured data 2
  • 4. PostgreSQL vs MySQL • MySQL is a relational database management system whereas, PostgresSQL is ORDBMS (object-relational database management system) ✓ user defined structured data ✓ table inheritance 3
  • 5. PostgreSQL vs MySQL • GUI: phpMyAdmin vs pgAdmin 4
  • 6. PostgreSQL vs MySQL • PostgreSQL provide data domain object. 5
  • 7. PostgreSQL vs MySQL • MySQL provides temporary tables but does not provide materialized view. However, PostgreSQL provides temporary table and also the materialized view. ✓ In MySQL, a temporary table is a special type of table that allows you to store a temporary result set, which you can reuse several times in a single session. A temporary table is very handy when it is impossible or expensive to query data that requires a single SELECT statement with the JOIN clauses. ✓ A MatView is in between a view and a table. Basically it’s built with a query referring to one or more tables, and the results are stored physically, making it acting like a cache. 6
  • 8. Contents • Introduction (PostgreSQL vs MySQL) • Authentication • Roles • Row Level Security
  • 9.
  • 10. Authentication • Trust authentication (single-user workstation) • Peer authentication - Map: Allows for mapping between system and database user names • Ident authentication - obtaining the client's operating system user name from an ident server and using it as the allowed database user name • Password authentication (password, md5, scram-sha-256) • LDAP authentication 9
  • 11. Authentication (pg_hba.conf) 10 
 Apply changes by: - Restart PostgreSQL service - SELECT pg_realod_conf( ) ; 

  • 12. Contents • Introduction (PostgreSQL vs MySQL) • Authentication • Roles • Row Level Security
  • 13.
  • 14. ROLES • Role concept - a role can be considered a “user”, a “group”, or both depending on how it is used. ✓ SUPERUSER vs NOSUPERUSER ✓ CREATEDB vs NOCREATEDB ✓ CREATEROLE vs NOCREATEROLE 13
  • 15. ROLES ✓ LOGIN vs NOLOGIN These clauses determine whether a role is allowed to log in; that is, whether the role can be given as the initial session authorization name during client connection. A role having the LOGIN attribute can be thought of as a user. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. 14
  • 16. ROLES ✓ INHERIT vs NOINHERIT These clauses determine whether a role “inherits” the privileges of roles it is a member of. A role with the INHERIT attribute can automatically use whatever database privileges have been granted to all roles it is directly or indirectly a member of. Without INHERIT, membership in another role only grants the ability to SET ROLE to that other role; the privileges of the other role are only available after having done so. ✓ BYPASSRLS vs NOBYPASSRLS 15
  • 19. Contents • Introduction (PostgreSQL vs MySQL) • Authentication • Roles • Row Level Security
  • 22. ROW LEVEL SECURITY • BYPASSRLS • Table Owner - ALTER TABLE accounts FORCE ROW LEVEL SECURITY; • Default Policy 21
  • 23. ROW LEVEL SECURITY - EXAMPLE 22
  • 24. ROW LEVEL SECURITY - EXAMPLE 23
  • 25. References • https://www.postgresql.org/docs/10/auth-methods.html • https://www.postgresql.org/docs/10/sql-createrole.html • https://www.postgresql.org/docs/10/user-manag.html • https://www.postgresql.org/docs/10/role-membership.html • https://www.postgresql.org/docs/9.5/ddl-rowsecurity.html • https://www.percona.com/live/18/sessions/securing-your-data-on-postgresql • https://medium.com/jobteaser-dev-team/materialized-views-with-postgresql-for- beginners-9809483db35f • https://stackoverflow.com/questions/45865961/what-does-postgresql-to-be-ordbms-mean 24