SlideShare uma empresa Scribd logo

Security Enhanced PostgreSQL - System-wide consistency in access control

Kohei KaiGai
Kohei KaiGai

This document discusses Security-Enhanced PostgreSQL (SE-PostgreSQL), which provides system-wide consistency in access controls for PostgreSQL. The key developer, KaiGai Kohei, has experience with Linux kernel development and PostgreSQL. SE-PostgreSQL applies a single, unified security policy to information assets regardless of how they are stored, using fine-grained mandatory access controls at the tuple and column level. It aims to prevent data leaks and manipulation through consistent, mandatory access controls.

TecnologiaNegócios
1 de 28
Baixar para ler offline
Security-Enhanced PostgreSQL - System-wide consistency in Access Control - NEC OSS Promotion Center KaiGai Kohei <kaigai@ak.jp.nec.com>
Who is KaiGai ? Primary developer of SE-PostgreSQL 5 year's experience in Linux kernel development Especially, SELinux and Security related. Experience in PostgreSQL About 8 years as a user :-) About 2 years for development of SE-PostgreSQL 2 PGcon2008, Ottawa
Philosophical Background Price of Notebook : $8.00 Price of Individual Info: priceless What do you really want to protect from harms? Individual info, Corporate secrets, Authentication data,... called as "Information Asset" Information Asset has to be stored in something. Filesystem, Database, Paper, Brain, ... 3 PGcon2008, Ottawa
Philosophical Background Information Asset What decides the worth of Information Asset? Contents, not the way to store How access control mechanism works? Filesystem: UNIX permission (rwxrwxrwx) Database: Database ACL (GRANT/REVOKE) Strongly depends on the way to store them! We should apply consistent access control rules for same information assets, independent from the way to store them! 4 PGcon2008, Ottawa
Consistency in access control policy Access control policy depending on the way to store Information Asset Secret Data SystemHigh Operating System Database ACL (Own security policy) SELinux Security Policy Filesystem Network IPC objects Databases Application Inter-processes Inter-processes communication communication Unclassified Data methods methods SystemLow 5 PGcon2008, Ottawa
Consistency in access control policy A single consistent security policy on whole of the system Any query, Any object without Any exception Secret Data SystemHigh Operating System Database ACL (Own security policy) SELinux Security Mandatory Policy Filesystem Network IPC objects SE-PostgreSQL Access Control (SELinux security policy) Application Inter-processes Inter-processes communication communication Unclassified Data methods methods SystemLow 6 PGcon2008, Ottawa
The Feature of SE-PostgreSQL "System-wide" consistency in access controls A single unified security policy both OS/DBMS Common security attribute representation Fine-grained Mandatory Access Controls Tuple/Column-level access controls Non-bypassable, even if privileged users The GOAL of SE-PostgreSQL? Provision of System-wide Data Flow Controls Prevention to leak/manipulate by malicious insider Minimization of damages from SQL injection 7 PGcon2008, Ottawa
"System-wide" consistency in access controls
SE-PostgreSQL System Image A single unified security policy is applied, when user tries to read a file via system-calls when user tries to select a table via SQL-queries System Operating System Call Implementation of Entry point Files Filesystem System Calls Permission SELinux Subsystem Policy A single unified A single unified security policy security policy SE-PostgreSQL SE-PostgreSQL Sub System Tables Database ACL ------ ---- -- ------- Query Execution Engine *** *** * ***** SQL +++ ++ + +++ ## ### # ##### 9 PGcon2008, Ottawa
How security policy works? (1/2) SELinux makes a decision with security policy and context. Security context /var/lib/pgsql/* system_u : object_r : postgresql_db_t : Classified PostgreSQL User Role Type/Domain MLS Label Database Files Any process/resource have its security context. It enables to show its attribute independent from its class. Security policy A set of massive rules to be allowed Rules are described as relationships between two security contexts and action. postgresql_t is allowed to write files with postgresql_log_t. SystemHigh is allowed to read file with Classified. 10 PGcon2008, Ottawa
How security policy works? (2/2) Common attributes well formalized for various kind of resources. Object manager has to maintain proper security context of its managing objects staff_u:staff_r:staff_t:SystemHigh staff_u:staff_r:staff_t:SystemHigh system_u:object_r:var_log_t:Unclassified system_u:object_r:var_log_t:Unclassified system_u:object_r:sepgsql_table_t:Classified system_u:object_r:sepgsql_table_t:Classified shared /var/log/messages ~/memo.txt memory SE-PostgreSQL system_u:object_r:user_home_t:Unclassified system_u:object_r:user_home_t:Unclassified system_u:object_r:postgresql_t:Unclassified system_u:object_r:postgresql_t:Unclassified user_u:user_r:user_t:SystemLow user_u:user_r:user_t:SystemLow 11 PGcon2008, Ottawa
'security_context' system column postgres=# SELECT security_context, * FROM drink; security_context | id | name | price | alcohol ------------------------------------------+----+-------+-------+--------- unconfined_u:object_r:sepgsql_table_t:s0 | 1 | water | 100 | f unconfined_u:object_r:sepgsql_table_t:s0 | 2 | coke | 120 | f unconfined_u:object_r:sepgsql_table_t:s0 | 3 | juice | 130 | f system_u:object_r:sepgsql_table_t:s0:c0 | 4 | cofee | 180 | f system_u:object_r:sepgsql_table_t:s0:c0 | 5 | beer | 240 | t system_u:object_r:sepgsql_table_t:s0:c0 | 6 | sake | 320 | t (6 rows) A new system column of security_context. It shows security context of each tuples. In pg_attribute, it shows security context of the column. ditto, for pg_class, pg_database, pg_class Default security context of newly inserted tuples Updating security context via writable system column 12 PGcon2008, Ottawa
How clients' authority decided? Access controls, as if users access files via system calls. But, queries come through networks. Labeled Networking Technology SELinux provides getpeercon() API, that enables to obtain the security context of peer process. SE-PostgreSQL applies it as a security context of client Peer's context is delivered during key exchanging. ...:SystemMiddle Labeled IPsec Networks ...:SystemHigh UNIX domain socket SE-PostgreSQL IP address Normal TCP/IP lookup localhost ...:SystemLow 13 PGcon2008, Ottawa
Fine-grained Mandatory access controls
Tuple-level Access Controls SE-PostgreSQL filters any violated tuples from result set, as if they are not on the target table. ditto, on UPDATE and DELETE statement Checks at tuple insertion for INSERT statement Example: Example: SELECT * FROM employee NATURAL JOIN division; parser & optimizer SeqScan TABLE: employee Plan tree IndexScan kernel space TABLE: division Security SE-PostgreSQL Hooks Policy 15 PGcon2008, Ottawa
Column-Level Access Control SE-PostgreSQL checks any column appeared in queries. Abort query execution, if violated usage found. SELECT c1, sin(c2), exp(c3+ln(c4)) FROM ttWHERE c5 < 100; SELECT c1, sin(c2), exp(c3+ln(c4)) FROM WHERE c5 < 100; Query parser Walking on the node tree. Query tree c1 sin exp targetList '+' operation '<' operation c2 float8pl jointree float8lt c3 ln c5 100 c4 Abort! 16 PGcon2008, Ottawa
Case Study (1/2) SELECT name, price * 2 FROM drink WHERE id < 40; db_column:{select} for name and price column db_column:{use} for id column {use} permission means "referred but consumed internally" db_procedure:{execute} for int4mul and int4lt function db_table:{select use} for drink table Implementation of operators. Implementation of operators. The current transaction will be aborted, if the client does not have enough permissions. And db_tuple:{select use} for each tuples Any violated tuples are filtered from result set. 17 PGcon2008, Ottawa
Case Study (2/2) UPDATE drink SET size = 500, price = price * 2 WHERE alcohol = true; db_column:{update} for size column db_column:{select update} for price column price column is also read, not only updated. db_column:{use} for alcohol column db_procedure:{execute} for booleq and int4mul function db_table:{select use update} for drink table The current transaction will be aborted, if the client does not have enough permissions. And db_tuple:{select use update} for each tuples Any violated tuples are excepted from the target of updating. 18 PGcon2008, Ottawa
Demonstration
Data Flow Control Demonstration PostgreSQL (original) SE-PostgreSQL read(2) read(2) Secret Secret SystemHigh SystemHigh INSERT write(2) INSERT write(2) PgSQL Filesystem SE-PgSQL Filesystem Secret Secret Secret Security Security System-wide System-wide Attribute Attribute SELECT read(2) consistency consistency SELECT read(2) LOST! LOST! in accee control in accee control SystemLow SystemLow 20 PGcon2008, Ottawa
Miscellaneous Topics
Performance 700 CPU: Core2Duo E6400, Mem: 1GB, HDD: SATA CPU: Core2Duo E6400, Mem: 1GB, HDD: SATA shared_buffer=512m, rest of options are in default. shared_buffer=512m, rest of options are in default. 600 $$pgbench -c 22-t 200000 Transactions per second pgbench -c -t 200000 500 400 300 200 100 0 2 4 6 8 10 12 14 16 18 20 Scaling factor PostgreSQL 8.4devel SE-PostgreSQL 8.4devel about 10% security-tradeoff access vector cache (AVC) minimizes system-call invocation 22 PGcon2008, Ottawa
Platform dependency SE-PostgreSQL always needs SELinux to run. Is SE-PostgreSQL available on disabled SELinux? Is SE-PostgreSQL available on any other operating system? PostgreSQL Access Control Extension (PGACE) A set of platform independent hooks To apply various kind of security module with minimum impact Base PostgreSQL implementation PGACE framework OS specific security module pgaceHeapTupleInsert sepgsqlHeapTupleInsert ExecInsert fooHeapTupleInsert static inline bool static inline bool pgaceHeapTupleInsert(Relation rel, HeapTuple tup,...) pgaceHeapTupleInsert(Relation rel, HeapTuple tup,...) varHeapTupleInsert { { #ifdef HAVE_SELINUX #ifdef HAVE_SELINUX database if (sepgsqlIsEnabled()) if (sepgsqlIsEnabled()) return sepgsqlHeapTupleInsert(rel, tup, ...); return sepgsqlHeapTupleInsert(rel, tup, ...); #endif #endif return true; return true; 23 PGcon2008, Ottawa } }
The current status of SE-PostgreSQL The current status Now, it is available on Fedora 8 or later Patches are reviewed at CommitFest:May Thanks for many worthful comments/suggestions! http://wiki.postgresql.org/wiki/CommitFest:May In the next Now revising my patches for CommitFest:Jul design improvement, documentation, regression test, ... Security Policy Upstreaming 24 PGcon2008, Ottawa
Summary "System-wide" Consistency in Access Controls ITS PHILOSOPHY: Same access control policy should be applied to same information asset, independent from the way to store. Key concept is sharing a single unified security policy. Fine-grained Mandatory Access Controls Non-bypassable for everyone Column-/Tuple-level flexibility Any violated tuple is filtered, as if they don't exist. Using violated column and others invokes execution aborts. 25 PGcon2008, Ottawa
Any Question?
Thank you! Acknoledgement: Information-Technology Promotion Agency (IPA), Japan supported the development of SE-PostgreSQL as one of the Exploratory Software Projects in later half of 2006FY.
Resources Project Home http://code.google.com/p/sepgsql/ SVN repository svn co http://sepgsql.googlecode.com/svn/ sepgsql Today's slide http://sepgsql.googlecode.com/files/PGCON20080523.pdf RPM Packages http://code.google.com/p/sepgsql/downloads/list And, see the repository of Fedora project Logo Currently, he has no name. 28 PGcon2008, Ottawa

Recomendados

LTO/オートローダー/仮想テープライブラリの基礎知識
LTO/オートローダー/仮想テープライブラリの基礎知識LTO/オートローダー/仮想テープライブラリの基礎知識
LTO/オートローダー/仮想テープライブラリの基礎知識MKT International Inc.
 
KubernetesバックアップツールVeleroとちょっとした苦労話
KubernetesバックアップツールVeleroとちょっとした苦労話KubernetesバックアップツールVeleroとちょっとした苦労話
KubernetesバックアップツールVeleroとちょっとした苦労話imurata8203
 
PostgreSQLコミュニティに飛び込もう
PostgreSQLコミュニティに飛び込もうPostgreSQLコミュニティに飛び込もう
PostgreSQLコミュニティに飛び込もうNTT DATA OSS Professional Services
 
PostgreSQL and RAM usage
PostgreSQL and RAM usagePostgreSQL and RAM usage
PostgreSQL and RAM usageAlexey Bashtanov
 
PostgreSQLのパラレル化に向けた取り組み@第30回(仮名)PostgreSQL勉強会
PostgreSQLのパラレル化に向けた取り組み@第30回(仮名)PostgreSQL勉強会PostgreSQLのパラレル化に向けた取り組み@第30回(仮名)PostgreSQL勉強会
PostgreSQLのパラレル化に向けた取り組み@第30回(仮名)PostgreSQL勉強会Shigeru Hanada
 
Best Practices with PostgreSQL on Solaris
Best Practices with PostgreSQL on SolarisBest Practices with PostgreSQL on Solaris
Best Practices with PostgreSQL on SolarisJignesh Shah
 
20180706_VxRailCC_ワークショップ編_NW
20180706_VxRailCC_ワークショップ編_NW20180706_VxRailCC_ワークショップ編_NW
20180706_VxRailCC_ワークショップ編_NWVxRail ChampionClub
 
PostgreSQLアーキテクチャ入門
PostgreSQLアーキテクチャ入門PostgreSQLアーキテクチャ入門
PostgreSQLアーキテクチャ入門Uptime Technologies LLC (JP)
 

Recomendados

LTO/オートローダー/仮想テープライブラリの基礎知識
LTO/オートローダー/仮想テープライブラリの基礎知識LTO/オートローダー/仮想テープライブラリの基礎知識
LTO/オートローダー/仮想テープライブラリの基礎知識MKT International Inc.
 
KubernetesバックアップツールVeleroとちょっとした苦労話
KubernetesバックアップツールVeleroとちょっとした苦労話KubernetesバックアップツールVeleroとちょっとした苦労話
KubernetesバックアップツールVeleroとちょっとした苦労話imurata8203
 
PostgreSQLコミュニティに飛び込もう
PostgreSQLコミュニティに飛び込もうPostgreSQLコミュニティに飛び込もう
PostgreSQLコミュニティに飛び込もうNTT DATA OSS Professional Services
 
PostgreSQL and RAM usage
PostgreSQL and RAM usagePostgreSQL and RAM usage
PostgreSQL and RAM usageAlexey Bashtanov
 
PostgreSQLのパラレル化に向けた取り組み@第30回(仮名)PostgreSQL勉強会
PostgreSQLのパラレル化に向けた取り組み@第30回(仮名)PostgreSQL勉強会PostgreSQLのパラレル化に向けた取り組み@第30回(仮名)PostgreSQL勉強会
PostgreSQLのパラレル化に向けた取り組み@第30回(仮名)PostgreSQL勉強会Shigeru Hanada
 
Best Practices with PostgreSQL on Solaris
Best Practices with PostgreSQL on SolarisBest Practices with PostgreSQL on Solaris
Best Practices with PostgreSQL on SolarisJignesh Shah
 
20180706_VxRailCC_ワークショップ編_NW
20180706_VxRailCC_ワークショップ編_NW20180706_VxRailCC_ワークショップ編_NW
20180706_VxRailCC_ワークショップ編_NWVxRail ChampionClub
 
PostgreSQLアーキテクチャ入門
PostgreSQLアーキテクチャ入門PostgreSQLアーキテクチャ入門
PostgreSQLアーキテクチャ入門Uptime Technologies LLC (JP)
 
Let's scale-out PostgreSQL using Citus (Japanese)
Let's scale-out PostgreSQL using Citus (Japanese)Let's scale-out PostgreSQL using Citus (Japanese)
Let's scale-out PostgreSQL using Citus (Japanese)Noriyoshi Shinoda
 
アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...
アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...
アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...Google Cloud Platform - Japan
 
Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化
Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化
Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化kazuhcurry
 
Using ngx_lua / lua-nginx-module in pixiv
Using ngx_lua / lua-nginx-module in pixivUsing ngx_lua / lua-nginx-module in pixiv
Using ngx_lua / lua-nginx-module in pixivShunsuke Michii
 
インフラチームのリモートワーク
インフラチームのリモートワークインフラチームのリモートワーク
インフラチームのリモートワーク富士通クラウドテクノロジーズ株式会社
 
OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)
OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)
OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)VirtualTech Japan Inc.
 
pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)
pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)
pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)NTT DATA Technology & Innovation
 
Query logging with proxysql
Query logging with proxysqlQuery logging with proxysql
Query logging with proxysqlYoungHeon (Roy) Kim
 
PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)
PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)
PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)NTT DATA Technology & Innovation
 
Your hash is.
Your hash is.Your hash is.
Your hash is.abend_cve_9999_0001
 
SAS vs SATA_ The Key Differences That You Should Know.pptx
SAS vs SATA_ The Key Differences That You Should Know.pptxSAS vs SATA_ The Key Differences That You Should Know.pptx
SAS vs SATA_ The Key Differences That You Should Know.pptxcalltutors
 
PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...
PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...
PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...NTT DATA Technology & Innovation
 
行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...
行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...
行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...Masahiko Sawada
 
21.1. harakteristiki chip set
21.1. harakteristiki chip set21.1. harakteristiki chip set
21.1. harakteristiki chip setdnaidenowa
 
C16 45分でわかるPostgreSQLの仕組み by 山田努
C16 45分でわかるPostgreSQLの仕組み by 山田努C16 45分でわかるPostgreSQLの仕組み by 山田努
C16 45分でわかるPostgreSQLの仕組み by 山田努Insight Technology, Inc.
 
[GKE & Spanner 勉強会] Cloud Spanner の技術概要
[GKE & Spanner 勉強会] Cloud Spanner の技術概要[GKE & Spanner 勉強会] Cloud Spanner の技術概要
[GKE & Spanner 勉強会] Cloud Spanner の技術概要Google Cloud Platform - Japan
 
Using cgroups in docker container
Using cgroups in docker containerUsing cgroups in docker container
Using cgroups in docker containerVinay Jindal
 
オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所
オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所
オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所Hibino Hisashi
 
MongoDB Configパラメータ解説
MongoDB Configパラメータ解説MongoDB Configパラメータ解説
MongoDB Configパラメータ解説Shoken Fujisaki
 
PG-REXで学ぶPacemaker運用の実例
PG-REXで学ぶPacemaker運用の実例PG-REXで学ぶPacemaker運用の実例
PG-REXで学ぶPacemaker運用の実例kazuhcurry
 
The Security-Enhanced PostgreSQL - "system wide" consistency in access control
The Security-Enhanced PostgreSQL - "system wide" consistency in access controlThe Security-Enhanced PostgreSQL - "system wide" consistency in access control
The Security-Enhanced PostgreSQL - "system wide" consistency in access controlKohei KaiGai
 
LAPP/SELinux - A secure web application stack using SE-PostgreSQL
LAPP/SELinux - A secure web application stack using SE-PostgreSQLLAPP/SELinux - A secure web application stack using SE-PostgreSQL
LAPP/SELinux - A secure web application stack using SE-PostgreSQLKohei KaiGai
 

Mais conteúdo relacionado

Mais procurados

Let's scale-out PostgreSQL using Citus (Japanese)
Let's scale-out PostgreSQL using Citus (Japanese)Let's scale-out PostgreSQL using Citus (Japanese)
Let's scale-out PostgreSQL using Citus (Japanese)Noriyoshi Shinoda
 
アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...
アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...
アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...Google Cloud Platform - Japan
 
Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化
Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化
Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化kazuhcurry
 
Using ngx_lua / lua-nginx-module in pixiv
Using ngx_lua / lua-nginx-module in pixivUsing ngx_lua / lua-nginx-module in pixiv
Using ngx_lua / lua-nginx-module in pixivShunsuke Michii
 
OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)
OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)
OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)VirtualTech Japan Inc.
 
pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)
pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)
pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)NTT DATA Technology & Innovation
 
PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)
PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)
PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)NTT DATA Technology & Innovation
 
SAS vs SATA_ The Key Differences That You Should Know.pptx
SAS vs SATA_ The Key Differences That You Should Know.pptxSAS vs SATA_ The Key Differences That You Should Know.pptx
SAS vs SATA_ The Key Differences That You Should Know.pptxcalltutors
 
PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...
PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...
PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...NTT DATA Technology & Innovation
 
行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...
行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...
行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...Masahiko Sawada
 
21.1. harakteristiki chip set
21.1. harakteristiki chip set21.1. harakteristiki chip set
21.1. harakteristiki chip setdnaidenowa
 
C16 45分でわかるPostgreSQLの仕組み by 山田努
C16 45分でわかるPostgreSQLの仕組み by 山田努C16 45分でわかるPostgreSQLの仕組み by 山田努
C16 45分でわかるPostgreSQLの仕組み by 山田努Insight Technology, Inc.
 
[GKE & Spanner 勉強会] Cloud Spanner の技術概要
[GKE & Spanner 勉強会] Cloud Spanner の技術概要[GKE & Spanner 勉強会] Cloud Spanner の技術概要
[GKE & Spanner 勉強会] Cloud Spanner の技術概要Google Cloud Platform - Japan
 
Using cgroups in docker container
Using cgroups in docker containerUsing cgroups in docker container
Using cgroups in docker containerVinay Jindal
 
オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所
オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所
オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所Hibino Hisashi
 
MongoDB Configパラメータ解説
MongoDB Configパラメータ解説MongoDB Configパラメータ解説
MongoDB Configパラメータ解説Shoken Fujisaki
 
PG-REXで学ぶPacemaker運用の実例
PG-REXで学ぶPacemaker運用の実例PG-REXで学ぶPacemaker運用の実例
PG-REXで学ぶPacemaker運用の実例kazuhcurry
 

Mais procurados (20)

Let's scale-out PostgreSQL using Citus (Japanese)
Let's scale-out PostgreSQL using Citus (Japanese)Let's scale-out PostgreSQL using Citus (Japanese)
Let's scale-out PostgreSQL using Citus (Japanese)
 
アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...
アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...
アプリ開発者、DB 管理者視点での Cloud Spanner 活用方法 | 第 10 回 Google Cloud INSIDE Games & App...
 
Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化
Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化
Pacemaker + PostgreSQL レプリケーション構成(PG-REX)のフェイルオーバー高速化
 
Using ngx_lua / lua-nginx-module in pixiv
Using ngx_lua / lua-nginx-module in pixivUsing ngx_lua / lua-nginx-module in pixiv
Using ngx_lua / lua-nginx-module in pixiv
 
インフラチームのリモートワーク
インフラチームのリモートワークインフラチームのリモートワーク
インフラチームのリモートワーク
 
OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)
OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)
OpenStackで始めるクラウド環境構築入門(Horizon 基礎編)
 
pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)
pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)
pg_walinspectについて調べてみた!(第37回PostgreSQLアンカンファレンス@オンライン 発表資料)
 
Query logging with proxysql
Query logging with proxysqlQuery logging with proxysql
Query logging with proxysql
 
PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)
PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)
PostgreSQL 13でのpg_stat_statementsの改善について(第12回PostgreSQLアンカンファレンス@オンライン 発表資料)
 
Your hash is.
Your hash is.Your hash is.
Your hash is.
 
SAS vs SATA_ The Key Differences That You Should Know.pptx
SAS vs SATA_ The Key Differences That You Should Know.pptxSAS vs SATA_ The Key Differences That You Should Know.pptx
SAS vs SATA_ The Key Differences That You Should Know.pptx
 
PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...
PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...
PostgreSQL 12は ここがスゴイ! ~性能改善やpluggable storage engineなどの新機能を徹底解説~ (NTTデータ テクノ...
 
行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...
行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...
行ロックと「LOG: process 12345 still waiting for ShareLock on transaction 710 afte...
 
21.1. harakteristiki chip set
21.1. harakteristiki chip set21.1. harakteristiki chip set
21.1. harakteristiki chip set
 
C16 45分でわかるPostgreSQLの仕組み by 山田努
C16 45分でわかるPostgreSQLの仕組み by 山田努C16 45分でわかるPostgreSQLの仕組み by 山田努
C16 45分でわかるPostgreSQLの仕組み by 山田努
 
[GKE & Spanner 勉強会] Cloud Spanner の技術概要
[GKE & Spanner 勉強会] Cloud Spanner の技術概要[GKE & Spanner 勉強会] Cloud Spanner の技術概要
[GKE & Spanner 勉強会] Cloud Spanner の技術概要
 
Using cgroups in docker container
Using cgroups in docker containerUsing cgroups in docker container
Using cgroups in docker container
 
オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所
オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所
オープンソースソフトウェアで実現するエンタープライズにおけるセキュリティ脅威分析の勘所
 
MongoDB Configパラメータ解説
MongoDB Configパラメータ解説MongoDB Configパラメータ解説
MongoDB Configパラメータ解説
 
PG-REXで学ぶPacemaker運用の実例
PG-REXで学ぶPacemaker運用の実例PG-REXで学ぶPacemaker運用の実例
PG-REXで学ぶPacemaker運用の実例
 

Semelhante a Security Enhanced PostgreSQL - System-wide consistency in access control

The Security-Enhanced PostgreSQL - "system wide" consistency in access control
The Security-Enhanced PostgreSQL - "system wide" consistency in access controlThe Security-Enhanced PostgreSQL - "system wide" consistency in access control
The Security-Enhanced PostgreSQL - "system wide" consistency in access controlKohei KaiGai
 
LAPP/SELinux - A secure web application stack using SE-PostgreSQL
LAPP/SELinux - A secure web application stack using SE-PostgreSQLLAPP/SELinux - A secure web application stack using SE-PostgreSQL
LAPP/SELinux - A secure web application stack using SE-PostgreSQLKohei KaiGai
 
LCJ2010-KaiGai-sepgsql
LCJ2010-KaiGai-sepgsqlLCJ2010-KaiGai-sepgsql
LCJ2010-KaiGai-sepgsqlKohei KaiGai
 
Label based Mandatory Access Control on PostgreSQL
Label based Mandatory Access Control on PostgreSQLLabel based Mandatory Access Control on PostgreSQL
Label based Mandatory Access Control on PostgreSQLKohei KaiGai
 
LAPP/SELinux - A secure web application stack powered by SELinux
LAPP/SELinux - A secure web application stack powered by SELinuxLAPP/SELinux - A secure web application stack powered by SELinux
LAPP/SELinux - A secure web application stack powered by SELinuxKohei KaiGai
 
SE-PostgreSQL - System wide consistency of access control
SE-PostgreSQL - System wide consistency of access controlSE-PostgreSQL - System wide consistency of access control
SE-PostgreSQL - System wide consistency of access controlKohei KaiGai
 
Oscar Cabanillas - Elastic - OSL19
Oscar Cabanillas - Elastic - OSL19Oscar Cabanillas - Elastic - OSL19
Oscar Cabanillas - Elastic - OSL19marketingsyone
 
SELinux_@gnu_group_meetup
SELinux_@gnu_group_meetupSELinux_@gnu_group_meetup
SELinux_@gnu_group_meetupJayant Chutke
 
Présentation ELK/SIEM et démo Wazuh
Présentation ELK/SIEM et démo WazuhPrésentation ELK/SIEM et démo Wazuh
Présentation ELK/SIEM et démo WazuhAurélie Henriot
 
Security analysis of a privacy preserving decentralized key-policy attribute-...
Security analysis of a privacy preserving decentralized key-policy attribute-...Security analysis of a privacy preserving decentralized key-policy attribute-...
Security analysis of a privacy preserving decentralized key-policy attribute-...JPINFOTECH JAYAPRAKASH
 
Single Sign-on Framework in Tizen
Single Sign-on Framework in TizenSingle Sign-on Framework in Tizen
Single Sign-on Framework in TizenRyo Jin
 
3 securityarchitectureandmodels-120331064706-phpapp01
3 securityarchitectureandmodels-120331064706-phpapp013 securityarchitectureandmodels-120331064706-phpapp01
3 securityarchitectureandmodels-120331064706-phpapp01wardell henley
 
Metric for Evaluating Availability of an Information System : A Quantitative ...
Metric for Evaluating Availability of an Information System : A Quantitative ...Metric for Evaluating Availability of an Information System : A Quantitative ...
Metric for Evaluating Availability of an Information System : A Quantitative ...IJNSA Journal
 
Ensuring distributed accountability
Ensuring distributed accountabilityEnsuring distributed accountability
Ensuring distributed accountabilityNandini Chandran
 
Openstack security presentation 2013
Openstack security presentation 2013Openstack security presentation 2013
Openstack security presentation 2013brian_chong
 
Investigation on Revocable Fine-grained Access Control Scheme for Multi-Autho...
Investigation on Revocable Fine-grained Access Control Scheme for Multi-Autho...Investigation on Revocable Fine-grained Access Control Scheme for Multi-Autho...
Investigation on Revocable Fine-grained Access Control Scheme for Multi-Autho...IJCERT JOURNAL
 
Process behaviour modelling using lsm
Process behaviour modelling using lsmProcess behaviour modelling using lsm
Process behaviour modelling using lsmiaemedu
 
Osonto documentatie
Osonto documentatieOsonto documentatie
Osonto documentatiewondernet
 

Semelhante a Security Enhanced PostgreSQL - System-wide consistency in access control (20)

The Security-Enhanced PostgreSQL - "system wide" consistency in access control
The Security-Enhanced PostgreSQL - "system wide" consistency in access controlThe Security-Enhanced PostgreSQL - "system wide" consistency in access control
The Security-Enhanced PostgreSQL - "system wide" consistency in access control
 
LAPP/SELinux - A secure web application stack using SE-PostgreSQL
LAPP/SELinux - A secure web application stack using SE-PostgreSQLLAPP/SELinux - A secure web application stack using SE-PostgreSQL
LAPP/SELinux - A secure web application stack using SE-PostgreSQL
 
LCJ2010-KaiGai-sepgsql
LCJ2010-KaiGai-sepgsqlLCJ2010-KaiGai-sepgsql
LCJ2010-KaiGai-sepgsql
 
Label based Mandatory Access Control on PostgreSQL
Label based Mandatory Access Control on PostgreSQLLabel based Mandatory Access Control on PostgreSQL
Label based Mandatory Access Control on PostgreSQL
 
LAPP/SELinux - A secure web application stack powered by SELinux
LAPP/SELinux - A secure web application stack powered by SELinuxLAPP/SELinux - A secure web application stack powered by SELinux
LAPP/SELinux - A secure web application stack powered by SELinux
 
SE-PostgreSQL - System wide consistency of access control
SE-PostgreSQL - System wide consistency of access controlSE-PostgreSQL - System wide consistency of access control
SE-PostgreSQL - System wide consistency of access control
 
Se linux course1
Se linux course1Se linux course1
Se linux course1
 
Oscar Cabanillas - Elastic - OSL19
Oscar Cabanillas - Elastic - OSL19Oscar Cabanillas - Elastic - OSL19
Oscar Cabanillas - Elastic - OSL19
 
SELinux_@gnu_group_meetup
SELinux_@gnu_group_meetupSELinux_@gnu_group_meetup
SELinux_@gnu_group_meetup
 
Présentation ELK/SIEM et démo Wazuh
Présentation ELK/SIEM et démo WazuhPrésentation ELK/SIEM et démo Wazuh
Présentation ELK/SIEM et démo Wazuh
 
Security analysis of a privacy preserving decentralized key-policy attribute-...
Security analysis of a privacy preserving decentralized key-policy attribute-...Security analysis of a privacy preserving decentralized key-policy attribute-...
Security analysis of a privacy preserving decentralized key-policy attribute-...
 
Single Sign-on Framework in Tizen
Single Sign-on Framework in TizenSingle Sign-on Framework in Tizen
Single Sign-on Framework in Tizen
 
3 securityarchitectureandmodels-120331064706-phpapp01
3 securityarchitectureandmodels-120331064706-phpapp013 securityarchitectureandmodels-120331064706-phpapp01
3 securityarchitectureandmodels-120331064706-phpapp01
 
Metric for Evaluating Availability of an Information System : A Quantitative ...
Metric for Evaluating Availability of an Information System : A Quantitative ...Metric for Evaluating Availability of an Information System : A Quantitative ...
Metric for Evaluating Availability of an Information System : A Quantitative ...
 
Ensuring distributed accountability
Ensuring distributed accountabilityEnsuring distributed accountability
Ensuring distributed accountability
 
Openstack security presentation 2013
Openstack security presentation 2013Openstack security presentation 2013
Openstack security presentation 2013
 
Investigation on Revocable Fine-grained Access Control Scheme for Multi-Autho...
Investigation on Revocable Fine-grained Access Control Scheme for Multi-Autho...Investigation on Revocable Fine-grained Access Control Scheme for Multi-Autho...
Investigation on Revocable Fine-grained Access Control Scheme for Multi-Autho...
 
Process behaviour modelling using lsm
Process behaviour modelling using lsmProcess behaviour modelling using lsm
Process behaviour modelling using lsm
 
Osonto documentatie
Osonto documentatieOsonto documentatie
Osonto documentatie
 
Security Architecture
Security ArchitectureSecurity Architecture
Security Architecture
 

Mais de Kohei KaiGai

20221116_DBTS_PGStrom_History
20221116_DBTS_PGStrom_History20221116_DBTS_PGStrom_History
20221116_DBTS_PGStrom_HistoryKohei KaiGai
 
20221111_JPUG_CustomScan_API
20221111_JPUG_CustomScan_API20221111_JPUG_CustomScan_API
20221111_JPUG_CustomScan_APIKohei KaiGai
 
20211112_jpugcon_gpu_and_arrow
20211112_jpugcon_gpu_and_arrow20211112_jpugcon_gpu_and_arrow
20211112_jpugcon_gpu_and_arrowKohei KaiGai
 
20210928_pgunconf_hll_count
20210928_pgunconf_hll_count20210928_pgunconf_hll_count
20210928_pgunconf_hll_countKohei KaiGai
 
20210731_OSC_Kyoto_PGStrom3.0
20210731_OSC_Kyoto_PGStrom3.020210731_OSC_Kyoto_PGStrom3.0
20210731_OSC_Kyoto_PGStrom3.0Kohei KaiGai
 
20210511_PGStrom_GpuCache
20210511_PGStrom_GpuCache20210511_PGStrom_GpuCache
20210511_PGStrom_GpuCacheKohei KaiGai
 
20210301_PGconf_Online_GPU_PostGIS_GiST_Index
20210301_PGconf_Online_GPU_PostGIS_GiST_Index20210301_PGconf_Online_GPU_PostGIS_GiST_Index
20210301_PGconf_Online_GPU_PostGIS_GiST_IndexKohei KaiGai
 
20201128_OSC_Fukuoka_Online_GPUPostGIS
20201128_OSC_Fukuoka_Online_GPUPostGIS20201128_OSC_Fukuoka_Online_GPUPostGIS
20201128_OSC_Fukuoka_Online_GPUPostGISKohei KaiGai
 
20201113_PGconf_Japan_GPU_PostGIS
20201113_PGconf_Japan_GPU_PostGIS20201113_PGconf_Japan_GPU_PostGIS
20201113_PGconf_Japan_GPU_PostGISKohei KaiGai
 
20201006_PGconf_Online_Large_Data_Processing
20201006_PGconf_Online_Large_Data_Processing20201006_PGconf_Online_Large_Data_Processing
20201006_PGconf_Online_Large_Data_ProcessingKohei KaiGai
 
20200828_OSCKyoto_Online
20200828_OSCKyoto_Online20200828_OSCKyoto_Online
20200828_OSCKyoto_OnlineKohei KaiGai
 
20200806_PGStrom_PostGIS_GstoreFdw
20200806_PGStrom_PostGIS_GstoreFdw20200806_PGStrom_PostGIS_GstoreFdw
20200806_PGStrom_PostGIS_GstoreFdwKohei KaiGai
 
20200424_Writable_Arrow_Fdw
20200424_Writable_Arrow_Fdw20200424_Writable_Arrow_Fdw
20200424_Writable_Arrow_FdwKohei KaiGai
 
20191211_Apache_Arrow_Meetup_Tokyo
20191211_Apache_Arrow_Meetup_Tokyo20191211_Apache_Arrow_Meetup_Tokyo
20191211_Apache_Arrow_Meetup_TokyoKohei KaiGai
 
20191115-PGconf.Japan
20191115-PGconf.Japan20191115-PGconf.Japan
20191115-PGconf.JapanKohei KaiGai
 
20190926_Try_RHEL8_NVMEoF_Beta
20190926_Try_RHEL8_NVMEoF_Beta20190926_Try_RHEL8_NVMEoF_Beta
20190926_Try_RHEL8_NVMEoF_BetaKohei KaiGai
 
20190925_DBTS_PGStrom
20190925_DBTS_PGStrom20190925_DBTS_PGStrom
20190925_DBTS_PGStromKohei KaiGai
 
20190909_PGconf.ASIA_KaiGai
20190909_PGconf.ASIA_KaiGai20190909_PGconf.ASIA_KaiGai
20190909_PGconf.ASIA_KaiGaiKohei KaiGai
 
20190516_DLC10_PGStrom
20190516_DLC10_PGStrom20190516_DLC10_PGStrom
20190516_DLC10_PGStromKohei KaiGai
 
20190418_PGStrom_on_ArrowFdw
20190418_PGStrom_on_ArrowFdw20190418_PGStrom_on_ArrowFdw
20190418_PGStrom_on_ArrowFdwKohei KaiGai
 

Mais de Kohei KaiGai (20)

20221116_DBTS_PGStrom_History
20221116_DBTS_PGStrom_History20221116_DBTS_PGStrom_History
20221116_DBTS_PGStrom_History
 
20221111_JPUG_CustomScan_API
20221111_JPUG_CustomScan_API20221111_JPUG_CustomScan_API
20221111_JPUG_CustomScan_API
 
20211112_jpugcon_gpu_and_arrow
20211112_jpugcon_gpu_and_arrow20211112_jpugcon_gpu_and_arrow
20211112_jpugcon_gpu_and_arrow
 
20210928_pgunconf_hll_count
20210928_pgunconf_hll_count20210928_pgunconf_hll_count
20210928_pgunconf_hll_count
 
20210731_OSC_Kyoto_PGStrom3.0
20210731_OSC_Kyoto_PGStrom3.020210731_OSC_Kyoto_PGStrom3.0
20210731_OSC_Kyoto_PGStrom3.0
 
20210511_PGStrom_GpuCache
20210511_PGStrom_GpuCache20210511_PGStrom_GpuCache
20210511_PGStrom_GpuCache
 
20210301_PGconf_Online_GPU_PostGIS_GiST_Index
20210301_PGconf_Online_GPU_PostGIS_GiST_Index20210301_PGconf_Online_GPU_PostGIS_GiST_Index
20210301_PGconf_Online_GPU_PostGIS_GiST_Index
 
20201128_OSC_Fukuoka_Online_GPUPostGIS
20201128_OSC_Fukuoka_Online_GPUPostGIS20201128_OSC_Fukuoka_Online_GPUPostGIS
20201128_OSC_Fukuoka_Online_GPUPostGIS
 
20201113_PGconf_Japan_GPU_PostGIS
20201113_PGconf_Japan_GPU_PostGIS20201113_PGconf_Japan_GPU_PostGIS
20201113_PGconf_Japan_GPU_PostGIS
 
20201006_PGconf_Online_Large_Data_Processing
20201006_PGconf_Online_Large_Data_Processing20201006_PGconf_Online_Large_Data_Processing
20201006_PGconf_Online_Large_Data_Processing
 
20200828_OSCKyoto_Online
20200828_OSCKyoto_Online20200828_OSCKyoto_Online
20200828_OSCKyoto_Online
 
20200806_PGStrom_PostGIS_GstoreFdw
20200806_PGStrom_PostGIS_GstoreFdw20200806_PGStrom_PostGIS_GstoreFdw
20200806_PGStrom_PostGIS_GstoreFdw
 
20200424_Writable_Arrow_Fdw
20200424_Writable_Arrow_Fdw20200424_Writable_Arrow_Fdw
20200424_Writable_Arrow_Fdw
 
20191211_Apache_Arrow_Meetup_Tokyo
20191211_Apache_Arrow_Meetup_Tokyo20191211_Apache_Arrow_Meetup_Tokyo
20191211_Apache_Arrow_Meetup_Tokyo
 
20191115-PGconf.Japan
20191115-PGconf.Japan20191115-PGconf.Japan
20191115-PGconf.Japan
 
20190926_Try_RHEL8_NVMEoF_Beta
20190926_Try_RHEL8_NVMEoF_Beta20190926_Try_RHEL8_NVMEoF_Beta
20190926_Try_RHEL8_NVMEoF_Beta
 
20190925_DBTS_PGStrom
20190925_DBTS_PGStrom20190925_DBTS_PGStrom
20190925_DBTS_PGStrom
 
20190909_PGconf.ASIA_KaiGai
20190909_PGconf.ASIA_KaiGai20190909_PGconf.ASIA_KaiGai
20190909_PGconf.ASIA_KaiGai
 
20190516_DLC10_PGStrom
20190516_DLC10_PGStrom20190516_DLC10_PGStrom
20190516_DLC10_PGStrom
 
20190418_PGStrom_on_ArrowFdw
20190418_PGStrom_on_ArrowFdw20190418_PGStrom_on_ArrowFdw
20190418_PGStrom_on_ArrowFdw
 

Último

Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 

Último (20)

Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 

Security Enhanced PostgreSQL - System-wide consistency in access control

  • 1. Security-Enhanced PostgreSQL - System-wide consistency in Access Control - NEC OSS Promotion Center KaiGai Kohei <kaigai@ak.jp.nec.com>
  • 2. Who is KaiGai ? Primary developer of SE-PostgreSQL 5 year's experience in Linux kernel development Especially, SELinux and Security related. Experience in PostgreSQL About 8 years as a user :-) About 2 years for development of SE-PostgreSQL 2 PGcon2008, Ottawa
  • 3. Philosophical Background Price of Notebook : $8.00 Price of Individual Info: priceless What do you really want to protect from harms? Individual info, Corporate secrets, Authentication data,... called as "Information Asset" Information Asset has to be stored in something. Filesystem, Database, Paper, Brain, ... 3 PGcon2008, Ottawa
  • 4. Philosophical Background Information Asset What decides the worth of Information Asset? Contents, not the way to store How access control mechanism works? Filesystem: UNIX permission (rwxrwxrwx) Database: Database ACL (GRANT/REVOKE) Strongly depends on the way to store them! We should apply consistent access control rules for same information assets, independent from the way to store them! 4 PGcon2008, Ottawa
  • 5. Consistency in access control policy Access control policy depending on the way to store Information Asset Secret Data SystemHigh Operating System Database ACL (Own security policy) SELinux Security Policy Filesystem Network IPC objects Databases Application Inter-processes Inter-processes communication communication Unclassified Data methods methods SystemLow 5 PGcon2008, Ottawa
  • 6. Consistency in access control policy A single consistent security policy on whole of the system Any query, Any object without Any exception Secret Data SystemHigh Operating System Database ACL (Own security policy) SELinux Security Mandatory Policy Filesystem Network IPC objects SE-PostgreSQL Access Control (SELinux security policy) Application Inter-processes Inter-processes communication communication Unclassified Data methods methods SystemLow 6 PGcon2008, Ottawa
  • 7. The Feature of SE-PostgreSQL "System-wide" consistency in access controls A single unified security policy both OS/DBMS Common security attribute representation Fine-grained Mandatory Access Controls Tuple/Column-level access controls Non-bypassable, even if privileged users The GOAL of SE-PostgreSQL? Provision of System-wide Data Flow Controls Prevention to leak/manipulate by malicious insider Minimization of damages from SQL injection 7 PGcon2008, Ottawa
  • 8. "System-wide" consistency in access controls
  • 9. SE-PostgreSQL System Image A single unified security policy is applied, when user tries to read a file via system-calls when user tries to select a table via SQL-queries System Operating System Call Implementation of Entry point Files Filesystem System Calls Permission SELinux Subsystem Policy A single unified A single unified security policy security policy SE-PostgreSQL SE-PostgreSQL Sub System Tables Database ACL ------ ---- -- ------- Query Execution Engine *** *** * ***** SQL +++ ++ + +++ ## ### # ##### 9 PGcon2008, Ottawa
  • 10. How security policy works? (1/2) SELinux makes a decision with security policy and context. Security context /var/lib/pgsql/* system_u : object_r : postgresql_db_t : Classified PostgreSQL User Role Type/Domain MLS Label Database Files Any process/resource have its security context. It enables to show its attribute independent from its class. Security policy A set of massive rules to be allowed Rules are described as relationships between two security contexts and action. postgresql_t is allowed to write files with postgresql_log_t. SystemHigh is allowed to read file with Classified. 10 PGcon2008, Ottawa
  • 11. How security policy works? (2/2) Common attributes well formalized for various kind of resources. Object manager has to maintain proper security context of its managing objects staff_u:staff_r:staff_t:SystemHigh staff_u:staff_r:staff_t:SystemHigh system_u:object_r:var_log_t:Unclassified system_u:object_r:var_log_t:Unclassified system_u:object_r:sepgsql_table_t:Classified system_u:object_r:sepgsql_table_t:Classified shared /var/log/messages ~/memo.txt memory SE-PostgreSQL system_u:object_r:user_home_t:Unclassified system_u:object_r:user_home_t:Unclassified system_u:object_r:postgresql_t:Unclassified system_u:object_r:postgresql_t:Unclassified user_u:user_r:user_t:SystemLow user_u:user_r:user_t:SystemLow 11 PGcon2008, Ottawa
  • 12. 'security_context' system column postgres=# SELECT security_context, * FROM drink; security_context | id | name | price | alcohol ------------------------------------------+----+-------+-------+--------- unconfined_u:object_r:sepgsql_table_t:s0 | 1 | water | 100 | f unconfined_u:object_r:sepgsql_table_t:s0 | 2 | coke | 120 | f unconfined_u:object_r:sepgsql_table_t:s0 | 3 | juice | 130 | f system_u:object_r:sepgsql_table_t:s0:c0 | 4 | cofee | 180 | f system_u:object_r:sepgsql_table_t:s0:c0 | 5 | beer | 240 | t system_u:object_r:sepgsql_table_t:s0:c0 | 6 | sake | 320 | t (6 rows) A new system column of security_context. It shows security context of each tuples. In pg_attribute, it shows security context of the column. ditto, for pg_class, pg_database, pg_class Default security context of newly inserted tuples Updating security context via writable system column 12 PGcon2008, Ottawa
  • 13. How clients' authority decided? Access controls, as if users access files via system calls. But, queries come through networks. Labeled Networking Technology SELinux provides getpeercon() API, that enables to obtain the security context of peer process. SE-PostgreSQL applies it as a security context of client Peer's context is delivered during key exchanging. ...:SystemMiddle Labeled IPsec Networks ...:SystemHigh UNIX domain socket SE-PostgreSQL IP address Normal TCP/IP lookup localhost ...:SystemLow 13 PGcon2008, Ottawa
  • 14. Fine-grained Mandatory access controls
  • 15. Tuple-level Access Controls SE-PostgreSQL filters any violated tuples from result set, as if they are not on the target table. ditto, on UPDATE and DELETE statement Checks at tuple insertion for INSERT statement Example: Example: SELECT * FROM employee NATURAL JOIN division; parser & optimizer SeqScan TABLE: employee Plan tree IndexScan kernel space TABLE: division Security SE-PostgreSQL Hooks Policy 15 PGcon2008, Ottawa
  • 16. Column-Level Access Control SE-PostgreSQL checks any column appeared in queries. Abort query execution, if violated usage found. SELECT c1, sin(c2), exp(c3+ln(c4)) FROM ttWHERE c5 < 100; SELECT c1, sin(c2), exp(c3+ln(c4)) FROM WHERE c5 < 100; Query parser Walking on the node tree. Query tree c1 sin exp targetList '+' operation '<' operation c2 float8pl jointree float8lt c3 ln c5 100 c4 Abort! 16 PGcon2008, Ottawa
  • 17. Case Study (1/2) SELECT name, price * 2 FROM drink WHERE id < 40; db_column:{select} for name and price column db_column:{use} for id column {use} permission means "referred but consumed internally" db_procedure:{execute} for int4mul and int4lt function db_table:{select use} for drink table Implementation of operators. Implementation of operators. The current transaction will be aborted, if the client does not have enough permissions. And db_tuple:{select use} for each tuples Any violated tuples are filtered from result set. 17 PGcon2008, Ottawa
  • 18. Case Study (2/2) UPDATE drink SET size = 500, price = price * 2 WHERE alcohol = true; db_column:{update} for size column db_column:{select update} for price column price column is also read, not only updated. db_column:{use} for alcohol column db_procedure:{execute} for booleq and int4mul function db_table:{select use update} for drink table The current transaction will be aborted, if the client does not have enough permissions. And db_tuple:{select use update} for each tuples Any violated tuples are excepted from the target of updating. 18 PGcon2008, Ottawa
  • 20. Data Flow Control Demonstration PostgreSQL (original) SE-PostgreSQL read(2) read(2) Secret Secret SystemHigh SystemHigh INSERT write(2) INSERT write(2) PgSQL Filesystem SE-PgSQL Filesystem Secret Secret Secret Security Security System-wide System-wide Attribute Attribute SELECT read(2) consistency consistency SELECT read(2) LOST! LOST! in accee control in accee control SystemLow SystemLow 20 PGcon2008, Ottawa
  • 22. Performance 700 CPU: Core2Duo E6400, Mem: 1GB, HDD: SATA CPU: Core2Duo E6400, Mem: 1GB, HDD: SATA shared_buffer=512m, rest of options are in default. shared_buffer=512m, rest of options are in default. 600 $$pgbench -c 22-t 200000 Transactions per second pgbench -c -t 200000 500 400 300 200 100 0 2 4 6 8 10 12 14 16 18 20 Scaling factor PostgreSQL 8.4devel SE-PostgreSQL 8.4devel about 10% security-tradeoff access vector cache (AVC) minimizes system-call invocation 22 PGcon2008, Ottawa
  • 23. Platform dependency SE-PostgreSQL always needs SELinux to run. Is SE-PostgreSQL available on disabled SELinux? Is SE-PostgreSQL available on any other operating system? PostgreSQL Access Control Extension (PGACE) A set of platform independent hooks To apply various kind of security module with minimum impact Base PostgreSQL implementation PGACE framework OS specific security module pgaceHeapTupleInsert sepgsqlHeapTupleInsert ExecInsert fooHeapTupleInsert static inline bool static inline bool pgaceHeapTupleInsert(Relation rel, HeapTuple tup,...) pgaceHeapTupleInsert(Relation rel, HeapTuple tup,...) varHeapTupleInsert { { #ifdef HAVE_SELINUX #ifdef HAVE_SELINUX database if (sepgsqlIsEnabled()) if (sepgsqlIsEnabled()) return sepgsqlHeapTupleInsert(rel, tup, ...); return sepgsqlHeapTupleInsert(rel, tup, ...); #endif #endif return true; return true; 23 PGcon2008, Ottawa } }
  • 24. The current status of SE-PostgreSQL The current status Now, it is available on Fedora 8 or later Patches are reviewed at CommitFest:May Thanks for many worthful comments/suggestions! http://wiki.postgresql.org/wiki/CommitFest:May In the next Now revising my patches for CommitFest:Jul design improvement, documentation, regression test, ... Security Policy Upstreaming 24 PGcon2008, Ottawa
  • 25. Summary "System-wide" Consistency in Access Controls ITS PHILOSOPHY: Same access control policy should be applied to same information asset, independent from the way to store. Key concept is sharing a single unified security policy. Fine-grained Mandatory Access Controls Non-bypassable for everyone Column-/Tuple-level flexibility Any violated tuple is filtered, as if they don't exist. Using violated column and others invokes execution aborts. 25 PGcon2008, Ottawa
  • 27. Thank you! Acknoledgement: Information-Technology Promotion Agency (IPA), Japan supported the development of SE-PostgreSQL as one of the Exploratory Software Projects in later half of 2006FY.
  • 28. Resources Project Home http://code.google.com/p/sepgsql/ SVN repository svn co http://sepgsql.googlecode.com/svn/ sepgsql Today's slide http://sepgsql.googlecode.com/files/PGCON20080523.pdf RPM Packages http://code.google.com/p/sepgsql/downloads/list And, see the repository of Fedora project Logo Currently, he has no name. 28 PGcon2008, Ottawa