Translucent Databases and Cold Fusion

Mon, 16 Dec 2002 18:22:12 -0800 

Hi Guys!

Check out http://www.wayner.org/books/td/ - in it, Peter Wayner describes
methods to construct databases that use one-way functions to scramble data
and shield it from prying eyes. Unfortunately his examples are all in the
overly-long-winded Java language, and I don't have the time nor money right
now to analyze his code. Can anybody translate his examples into Cold
Fusion? Here are some of the case studies (take your pick):

         1. A database that hides the position of Navy ships from enemies while
simultaneously providing accurate information to those with proper
authorization.
         2. An anti-rape database that identifies trends without containing any
personal information.
         3. A babysitter scheduling service that matches parents with available
sitters while protecting the sitters' identities and locations'.
         4. A department store database that guards the modesty of customers.
         5. A private accounting system that detects fraud without revealing
information.
         6. A poker game for the Internet that prevents cheating.
         7. A pharmacy database for preventing dangerous drug interactions while
keeping medical records secure.
         8. A tool for travel agents to protect their clients from stalkers and
kidnappers.
         9. A stock exchange transaction mechanism designed to stop
insider-trading.
        10. A website logfile tool that provides accurate counts of visitors while
protecting their identities.
        11. A credit-card database for defending crucial e-commerce transactions.
        12. A patent search tool that doesn't reveal the nature and focus of the
search.
        13. A conference bulletin board that routes messages without helping
stalkers.
        14. A tool for studying the radon concentration in homes without
maintaining personal information.
        15. An anti-money laundering database.

I know one trick where the password is hashed before it is stored in the
database - an administrator can reset the password but can't tell you what
it is. But this trick doesn't cover cases where the information needs to be
displayed to certain people.

Know any others?

Dave

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4
Subscription: 
http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Get the mailserver that powers this list at http://www.coolfusion.com

Reply via email to