http://radio.weblogs.com/0100887/categories/databases/ Copyright 2002 Jon Udell Fri, 19 Jul 2002 14:30:19 GMT http://backend.userland.com/rss092 7/19/2002; 10:27:50 AM http://radio.weblogs.com/0100887/categories/databases/2002/07/19.html#a345 <FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>I had lunch with my old pal Peter Wayner yesterday, and he gave me a copy of his new book, </FONT><A href="http://www.wayner.org/books/td/"><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>Translucent Databases</FONT></A><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>. In the book, Peter defines translucency as an approach that "lets some light escape the system while still providing a layer of secrecy." </FONT> <b>...</b> <P><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>I had lunch with my old pal Peter Wayner yesterday, and he gave me a copy of his new book, </FONT><A href="http://www.wayner.org/books/td/"><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>Translucent Databases</FONT></A><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>. In the book, Peter defines translucency as an approach that "lets some light escape the system while still providing a layer of secrecy." </FONT></P> <P><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>Conventionally, databases store information in the clear and rely on a fortress security model. Break into the fortress (or subvert it from inside), and you can scoop up all the information. Over lunch Peter sketched a scenario that might well be a non-starter given that risk. Imagine a web service that enables parents to find available babysitters. A compromise would disastrously reveal vulnerable households where parents are absent and teenage girls are present. Translucency, in this case, means encrypting sensitive data (identities of parents, identities and schedules of babysitters) so that it is hidden even from the database itself, while yet enabling the two parties (parents, babysitters) to rendezvous. </FONT></P> <P><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>The techniques used to accomplish this trick are simple, but the protocols -- like all cryptographic protocols -- require some thought. In general, they elaborate on the possibilities inherent in one-way hashing, like that used to guard passwords in the Unix /etc/passwd file. For example, this SQL statement: </FONT></P> <P><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>INSERT INTO babysitter1 VALUES (MD5("Chris Jones/swordfish"), "No practice and no school.", 1, 1, "2002-01-02 16:00:00", "2002-01-02 23:00:00") </FONT></P> <P><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>means: "Chris Jones (password swordfish) is available Jan 2, from four to eleven." A parent to whom Chris has vouchsafed her password queries Chris' schedule using: </FONT></P> <P><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>SELECT * from babysitter1 WHERE idHash=MD5("Chris Jones/swordfish"); </FONT></P> <P><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>Most of the book spins out variations on these kinds of examples, using simple Java code to generate standard SQL. Some other techniques include misdirection (adding fake data, and certifying the real data with digital signatures), and quantization (rounding off data that doesn't need to be individually precise, as also described in </FONT><A href="http://www.nytimes.com/2002/07/18/technology/circuits/18NEXT.html"><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>an NY Times Circuits story</FONT></A><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2> yesterday). </FONT></P> <P><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>The book was poorly copyedited, unfortunately, and there are an annoying number of typos. But it's an excellent exploration of what will doubtless be an important emerging field: the intersection of databases and cryptography. Perhaps in time Microsoft's initial Hailstorm proposal will be seen in a slightly different light. It was, after all, a translucent database. </FONT></P> 6/15/2002; 9:31:33 AM http://radio.weblogs.com/0100887/categories/databases/2002/06/15.html#a301 <FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>This is wonderful news:</FONT> <BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px"> <P><EM><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>Sleepycat Software is working on a new </FONT></EM><A href="http://www.sleepycat.com/xml/index.html"><EM><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>embedded XML database</FONT></EM></A><EM><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>. The code isn't available yet, but I suspect this will prove to be a pretty useful product. It has a C++ API and is built on the mature berkeley DB engine. It will be released under similar terms as other Sleepycat software. [</FONT></EM><A href="http://www.xmldatabases.org/radio/xmlDatabases/"><EM><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>Kimbro Staken: XML Database JuJu</FONT></EM></A><EM><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>]</FONT></EM> <b>...</b> <B></B> <P><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>This is wonderful news:</FONT> <BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px"> <P><EM><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>Sleepycat Software is working on a new </FONT></EM><A href="http://www.sleepycat.com/xml/index.html"><EM><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>embedded XML database</FONT></EM></A><EM><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>. The code isn't available yet, but I suspect this will prove to be a pretty useful product. It has a C++ API and is built on the mature berkeley DB engine. It will be released under similar terms as other Sleepycat software. [</FONT></EM><A href="http://www.xmldatabases.org/radio/xmlDatabases/"><EM><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>Kimbro Staken: XML Database JuJu</FONT></EM></A><EM><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>]</FONT></EM></P></BLOCKQUOTE> <P dir=ltr><FONT face=Verdana,Geneva,Arial,Helvetica,Sans-Serif size=2>A&nbsp;high-quality lightweight XML database, with both open source and commercial&nbsp;modes of use, is going to be an incredibly useful piece of infrastructure. Thanks for the pointer, Kimbro!</FONT></P> Kimbro Staken: XML Database JuJu 1/18/2002; 5:42:59 PM http://radio.weblogs.com/0100887/categories/databases/2002/01/18.html#a10 <b>...</b> <A href="http://www.byte.com/tangledthreads/thread.jsp?forum=258&amp;thread=8179">Talk | OpenLink Virtuoso implements XQuery</A>. OpenLink Software are doing way cool things with Virtuoso these days. Intriguing demos of their stored-procedure-based app server, with all sorts of cool XML, hybrid XML/SQL, XSLT, and SOAP support, can be seen here: <a href="http://demo.openlinksw.com:8890/tutorial/">http://demo.openlinksw.com:8890/tutorial/</a>. And here is a live demo of their server processing the W3C's XQuery use cases: <a href="http://demo.openlinksw.com:8891/xquery/demo.vsp">http://demo.openlinksw.com:8891/xquery/demo.vsp</a>. Nifty! Jon Udell