Thanks for the post. I don't know about translating to CF yet, but this might be critical reading for where I work since we have Federal standards to meet for personal information security.
-Kevin > -----Original Message----- > From: Dave Babbitt [mailto:[EMAIL PROTECTED]] > Sent: Monday, December 16, 2002 8:06 PM > To: CF-Talk > Subject: Translucent Databases and Cold Fusion > > > Hi Guys! > > Check out http://www.wayner.org/books/td/ - in it, Peter Wayner describes > methods to construct databases that use one-way functions to scramble data > and shield it from prying eyes. Unfortunately his examples are all in the > overly-long-winded Java language, and I don't have the time nor > money right > now to analyze his code. Can anybody translate his examples into Cold > Fusion? Here are some of the case studies (take your pick): > > 1. A database that hides the position of Navy ships from > enemies while > simultaneously providing accurate information to those with proper > authorization. > 2. An anti-rape database that identifies trends without > containing any > personal information. > 3. A babysitter scheduling service that matches parents > with available > sitters while protecting the sitters' identities and locations'. > 4. A department store database that guards the modesty of > customers. > 5. A private accounting system that detects fraud without revealing > information. > 6. A poker game for the Internet that prevents cheating. > 7. A pharmacy database for preventing dangerous drug > interactions while > keeping medical records secure. > 8. A tool for travel agents to protect their clients from > stalkers and > kidnappers. > 9. A stock exchange transaction mechanism designed to stop > insider-trading. > 10. A website logfile tool that provides accurate counts of > visitors while > protecting their identities. > 11. A credit-card database for defending crucial e-commerce > transactions. > 12. A patent search tool that doesn't reveal the nature and > focus of the > search. > 13. A conference bulletin board that routes messages without helping > stalkers. > 14. A tool for studying the radon concentration in homes without > maintaining personal information. > 15. An anti-money laundering database. > > I know one trick where the password is hashed before it is stored in the > database - an administrator can reset the password but can't tell you what > it is. But this trick doesn't cover cases where the information > needs to be > displayed to certain people. > > Know any others? > > Dave > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm
