Protecting Your Users' Data With a Privacy Wall

// February 23rd, 2007 // Security & Privacy, Technology

Brad Greenlee has a good article on his blog about the data security architecture he designed, which Wesabe uses to protect the company's sensitive data.

In essence, they abstract the connection between a user and their sensitive data by using a cryptographic hash rather than a foreign key. The result is that should the data fall into the wrong hands, the data is readable but not traceable back to its owner. So in a bank for example, the bad guys would know that somebody has $500k in their account and somebody else has $500, but they wouldn’t know which one is me (well, anyone who knows me would, but…).
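A small sketch of that idea, added here as an illustration and not taken from Brad Greenlee's article or Wesabe's code: the accounts table carries no user id, only a key derived from the user's password at login. The choice of PBKDF2, the table layout, and the function names are all assumptions made for this example.

```python
import hashlib, hmac, os, sqlite3

ITERATIONS = 100_000  # PBKDF2 work factor, constructed for this example

def derive(purpose: bytes, salt: bytes, password: str) -> bytes:
    # Separate purposes give unrelated outputs, so pw_hash reveals nothing about the link key.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), purpose + salt, ITERATIONS)

def make_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.executescript(
        "CREATE TABLE users (username TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB);"
        "CREATE TABLE accounts (owner_key BLOB, balance INTEGER);"  # no user id column
    )
    return db

def register(db, username: str, password: str, balance: int) -> None:
    salt = os.urandom(16)
    db.execute("INSERT INTO users VALUES (?, ?, ?)",
               (username, salt, derive(b"auth:", salt, password)))
    # The link key is computed from the password and never stored in the users row.
    db.execute("INSERT INTO accounts VALUES (?, ?)",
               (derive(b"link:", salt, password), balance))

def login_and_fetch(db, username: str, password: str):
    row = db.execute("SELECT salt, pw_hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    if row is None or not hmac.compare_digest(row[1], derive(b"auth:", row[0], password)):
        return None  # unknown user or wrong password
    key = derive(b"link:", row[0], password)  # recomputed per login, kept only in the session
    return [b for (b,) in db.execute(
        "SELECT balance FROM accounts WHERE owner_key = ?", (key,))]

def linkable_from_dump(db):
    # With only a copy of the tables, no stored users column joins to accounts.owner_key.
    return db.execute(
        "SELECT u.username, a.balance FROM users u JOIN accounts a "
        "ON a.owner_key = u.pw_hash OR a.owner_key = u.salt").fetchall()

if __name__ == "__main__":
    db = make_db()
    register(db, "alice", "correct horse", 500_000)  # constructed sample users
    register(db, "bob", "battery staple", 500)
    print(login_and_fetch(db, "alice", "correct horse"))
    print(linkable_from_dump(db))
```

In this sketch a password change also changes the link key, so the account rows have to be re-keyed while the user is still logged in with the old password.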

The design does have a few drawbacks, which he addresses, and additional measures would be required for very-high security applications (like a bank maybe). But it’s good to see smart people putting some good thought into designing simple, effective security into application and database architectures (which I’ve always felt was the most-overlooked and easiest-to-exploit of the generally accepted data security threats), and protecting users’ data from what is arguably its biggest threat – internal compromise.
