Hacker News new | past | comments | ask | show | jobs | submit login

> ...field-level encryption should be a starting place for new application development...

What does the state of the art look like here? Particularly when it comes to familiar tech like Postgres and Redis?

> Conversely, this will generally be a pain to work with ... (You can, of course, build something like a trigger to allow retrieving the keys within the database, but that would significantly undermine the value of this entire enterprise.)

Is this limitation inherent to the concept, or are there some creative ways to retain the benefits without having to lose the relational aspect of the DB?




Couple of random notes:

* Some environments might be able to use a structure where a PII table is fully tokenized while less-sensitive data is more broadly available to developers.

* Postgres can be configured with row/column-level security.

* I believe https://basistheory.com/ offers the per-user/entity key setup. This is an additional service/cost but the UI is slick and easy to provision/remove access to specific fields.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: