Applying PostgreSQL Security Features to the AAA Framework

When applying PostgreSQL security features to the AAA framework—which stands for Authentication, Authorization, and Auditing—step one is Authentication. This means verifying that the user is who he or she claims to be.

The PostgreSQL host-based access file restricts access based on user name, database, and source IP—if the user is connecting via TCP/IP. Authentication methods are assigned in this file as well. The authentication method or methods you choose depend on your use case.

Methods include Kerberos/GSSAPI, SSPI, LDAP, RADIUS, cert, md5, SCRAM, reject, and trust. It is imperative that you fully understand the ramifications of each authentication method.
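The following Python example, added here and not part of the original article, parses rules from the host-based access file (which PostgreSQL names `pg_hba.conf`) and flags those whose method or address scope weakens authentication. The sample rules, the function names, and the finding texts are constructed for illustration.

```python
import ipaddress
# Constructed sample pg_hba.conf (illustrative; not from a real server).
SAMPLE_HBA = """\
# TYPE   DATABASE  USER      ADDRESS                     METHOD
local    all       postgres                              trust
host     all       all       0.0.0.0/0                   md5
hostssl  appdb     app       10.20.0.0/16                scram-sha-256
host     appdb     report    192.0.2.10 255.255.255.255  password
hostssl  all       all       ::/0                        reject
"""
WEAK = {"trust": "no credential is checked",
        "password": "password crosses the wire in clear text",
        "md5": "legacy hash exchange; prefer scram-sha-256"}

def parse_hba(text):
    """Yield one dict per well-formed rule (quoted fields and include directives not handled)."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        f = raw.split("#", 1)[0].split()
        if not f:
            continue
        rule = {"line": lineno, "type": f[0], "database": f[1], "user": f[2], "address": None}
        rest = f[3:]
        if f[0] != "local":  # local (Unix-socket) rules have no ADDRESS column
            addr, rest = rest[0], rest[1:]
            if "/" not in addr and rest and ("." in rest[0] or ":" in rest[0]):
                addr, rest = f"{addr}/{rest[0]}", rest[1:]  # "IP MASK" two-column form
            rule["address"] = addr
        rule["method"] = rest[0]
        yield rule

def is_open(addr):  # True if ADDRESS is the keyword all or a /0 network
    if addr in (None, "all"):
        return addr == "all"
    try:
        return ipaddress.ip_network(addr, strict=False).prefixlen == 0
    except ValueError:  # hostname, samehost, samenet
        return False

def audit(text):
    """Return (line, field, reason) for rules that weaken authentication."""
    out = []
    for r in parse_hba(text):
        if r["method"] in WEAK:
            out.append((r["line"], r["method"], WEAK[r["method"]]))
        if r["method"] != "reject" and r["type"] in ("host", "hostnossl"):
            out.append((r["line"], r["type"], "also matches non-TLS connections"))
        if r["method"] != "reject" and is_open(r["address"]):
            out.append((r["line"], r["address"], "matches any source address"))
    return out
```

Because PostgreSQL uses the first rule that matches a connection, review findings in file order: a permissive rule near the top overrides stricter rules below it.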

 
