[E-Lang] My financial data

Kevin_Lacobie@interliant.com Kevin_Lacobie@interliant.com
Mon, 29 Jan 2001 14:46:49 -0600


Zane Widdershins wrote,
>For example, instead of copying all
>of your tax history from the "tax history database" over to the central
>computer so that it can then sum up the total tax paid by you over the
>last 10 years, you could instead give the central computer a capability
>that allows it to query the tax history database, but only to learn the
>total tax paid by you over the last 10 years, not to learn anything
>else about your tax history.

This reminds me of a data security issue that's perhaps a meta-capabilities
problem.  It's easy to demonstrate that once you give something/someone a
capability to query and retrieve only statistical information (such as
Sum(n)) from a database, you've actually given them the capability to
retreive specific records from the database, since it's easy enough to
write overlapping queries to deduce the data from a single record.

So, be careful when giving out a Stat Capability!

Kevin Lacobie