Most of the recommendations in this paper are applicable to PostgreSQL (the community edition) and to EDB Postgres™ Advanced Server (Advanced Server), the enterprise-class, feature-rich commercial distribution of PostgreSQL from EnterpriseDB® (EDB™).
This white paper presents:
- A framework and a series of recommendations to secure and protect a Postgres database.
- A layered security model that addresses physical security, network security, host access control, database access management, and data security.
Advanced Server provides additional relevant security enhancements, such as edb_audit, SQL/Protect and Virtual Private Database (VPD) that are not available in the same form in PostgreSQL.