Coming to PostgreSQL – on-disk database encryption
Author: Lindsay Clark    Published: 2025-07-04 12:45:51
Transparent Data Encryption (TDE) is a popular approach to encrypting data at the storage layer, beefing up database security. While PostgreSQL has steadily climbed in popularity – especially among professional developers – it has so far lacked this enterprise feature, at least in open source.

So claims Percona, an open source database support and services company, which has sought to rectify the situation with its Transparent Data Encryption (TDE) extension for Percona for PostgreSQL.

Currently, the pg_tde extension is part of the open source Percona Distribution for PostgreSQL. It is compatible with PostgreSQL, available under the OSI-approved PostgreSQL License, and managed by the PostgreSQL Global Development Group.

Percona was working toward including the extension in the main PostgreSQL distribution soon, CTO Liz Warner told The Register.

"We've done some work, so it's available right now in Percona Server for PostgreSQL," she said. "It's not available in upstream vanilla PostgreSQL because that will take some collaboration with the community. We have to make some foundational changes, but we're doing the work for that. A piece of it is already in review. Ultimately, we want the TDE to be fully available to the community."

Percona said it would help customers comply with policies and regulations that require encryption, such as Europe's General Data Protection Regulation (GDPR), which requires organizations to implement appropriate security measures where storage encryption alone is no longer sufficient to protect personal data at rest.

EDB, a PostgreSQL support and service provider, also provides TDE, although its extension is only available in its licensed EDB Postgres Advanced Server and EDB Postgres Extended Server with the EDB Standard Plan.

"With the launch of TDE for PostgreSQL, Percona is leveling the playing field – giving every business access to enterprise-grade data-at-rest protection without licensing fees or restrictions," Warner said.

The TDE extension would encrypt all database files on disk, ensuring sensitive information remains secure even if storage is compromised, Percona said. It also offers centralized Key Management with integrations to leading Key Management Services (KMS) providers such as HashiCorp, Thales, Fortanix, and OpenBao. ®
