couchdb-commits mailing list archives

From Apache Wiki <wikidi...@apache.org>
Subject [Couchdb Wiki] Update of "How to add client-side security" by PeterWayner
Date Fri, 27 Mar 2009 18:47:17 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The following page has been changed by PeterWayner:
http://wiki.apache.org/couchdb/How_to_add_client-side_security

------------------------------------------------------------------------------
+ == Adding Client-Side Security with a Translucent Database ==
+ 
- Many applications do not require a thick layer of security at the server. It is possible
to use a modest amount of encryption and one-way functions to obscure the sensitive columns
or key-value pairs, a technique often called a ''translucent database''. 
+ Many applications do not require a thick layer of security at the server. It is possible
to use a modest amount of encryption and one-way functions to obscure the sensitive columns
or key-value pairs, a technique often called a ''translucent database''. (See [http://www.wayner.org/node/52
description].)
  
  The simplest solutions use one-way function like SHA-256 at the client to scramble the name
and password before storing the information. Here's a quick example of what a table of store
purchases might look like ''before'' the data is scrambled:
  
- ==== Before Translucency====
+ ==== Before Translucency ====
  
  ||''name''||''password''||''product name''||''purchase date''||''size 1''||''size 2''||
  ||Bob Jones||Swordfish||Brawny Pants||Jan 24 2009||32||34||
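Review bot: the link added to the opening paragraph is labelled only "description", which tells the reader nothing about what is behind it; a label such as "description of translucent databases" would read better on the rendered page. In the unchanged paragraph that follows, "use one-way function like SHA-256" is missing an article. Since the example inputs are a name and a password like "Swordfish", that paragraph should also say whether the client adds a salt or other secret before hashing, because plain SHA-256 over guessable values can be reversed by guessing.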
@@ -21, +23 @@

  ||a67373bc873aacd99392||Dancing Pants||Jan 24 2009||32||34||
  ||3c939a9d9939de993993||Broadway Hat||Jan 24 2009||10||-||
  ||3c939a9d9939de993993||Shopping Pants||Jan 25 2009||26||28||
- ||99929d99c9a999a9dd8d||greeny||Shopping Pants||Jan 26 2009||25||27||
+ ||99929d99c9a999a9dd8d||Shopping Pants||Jan 26 2009||25||27||
  
  
  This solution gives the client control of the data in the database without requiring a thick
layer on the database to test each transaction. Some advantages are:
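Review bot: the hash cells in these rows are 20 hex digits, while the page names SHA-256, whose digest is 64 hex digits; say that the values are shortened for display, otherwise the table reads as the output of a different function. Dropping "greeny" brings the last row to the same five cells as the rows above it, which is right. The value 3c939a9d9939de993993 appears on two rows: equal inputs give equal hashes, so anyone who can read the table can link those purchases to one customer, and the text after the table should acknowledge that.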
