Here's an FAQ:
Q: What are translucent databases? A: A term for databases that must protect some information while revealing other data. In other words, a phrase to capture how the database must exist somewhere between translucency and opacity.
Q: Do they encrypt things? A: Yes, but only some things and then only in a careful way. Standard encryption algorithms lock data away in an inscrutible pile of bits. Only the person with the right key can make sense of the information. Translucent databases use the same algorithms in a more controlled fashion. Some of the information is turned into an inscrutible pile of bits, but other parts can be read, understood and acted upon by the database engine.
Q: So what's scrambled beyond recognition? A: Anything you want. The database administrator usually chooses personal or sensitive information. Social security numbers or credit card numbers are ideal choices. Passwords are another choice.
Q: But are they really beyond all recognition? A: Actually, no. The book describes how to control the scrambling so that useful work can be done with the result. In some cases, you can still compare the information to see if it matches other scrambled entries. In others, you can add or multiply the data too. All of this work is done behind a curtain of encryption so the privacy is still protected.
Q: So why would I use something like this? A: Databases come with good security already, but nothing is perfect. Sometimes someone leaves a backdoor open. The operating system, not the database itself, is often the culprit. Sometimes clerks, bosses and everyone in between abuse their legitimate access. Translucent databases provide a way to work with sensitive information in a more secure way.
Q: Are there advantages? A: The security mechanism of translucent databases is much simpler. Translucent databases don't require heavily tested operating systems running the in the most secure mode to protect the information. They can save administrative costs by making life easier for system administrators. The mechanism also runs faster in many cases because there's no need for a complicated security layer to evaluate every request.
Q: Isn't hardware cheap? A: Yes, but it's not just about speed and cost. Translucent databases also make ideal satellite databases placed in remote sites or branch offices. They can accomplish all of their tasks without the extra security. There's no need to lock away the database or check out all of the staff. The translucent database strips away the sensitive information.
Q: Are they perfect too? A: Nothing is perfect, but translucent databases can withstand some attacks that would cripple a regular database. If a hacker breaks in or an employee turns traitor, the information is still secure. There are still ways that information can leak out, but they're significantly fewer and harder to exploit.In many ideal situations, the database administrator can publish the root password and remain sure that the sensitive information will stay locked up.
Q: How is the book written? A: As a high-level idea book with the full source code to dozens of examples. Each chapter describes a different technique for locking up the information. Most come with two or three different databases as examples. The book comes with a license to use the source code in any way you want.
Q: Who would want to read the book? A: Database administrators who need to guard sensitive information.
Q: Do the examples help? A: There are dozens of examples in the book. If there's nothing directly useful, then most database administrators will find something that is close. The book is meant to teach by example.
Q: Is this idea new? A: Yes and no. People have been encrypting databases for a long time, but most of it isn't permanent. Many databases can be protected by a password, but it is unscrambled whenever someone does a query. That's not ideal. Translucent databases are scrambled beyond recognition. This book takes some of the standard techniques from cryptography and reapplies them in a different way. The one-way functions and the digital signatures aren't new, but the attitude to protecting data is.
Q: What about password databases? A: The UNIX password file scrambling mechanism is a great example of a translucent database. It's been around for a long time. The book is really an attempt to see how far the idea will go. Can we help people schedule meetings? Can we protect the plans of a baby sitter or an executive threatened with kidnapping? Can we protect the ships at sea while still letting family members follow their movements? Can we take care of credit card numbers? It turns out we can build a central database using some of the same techniques that protects the average password files. People can still do useful work, but no hacker can punch through.
Q: Is there code? A: Yes, plenty of SQL and Java code.
Q: Can I use it? A: Sure. Owners of the book get a royalty-free license to reuse the source code as they desire. You can copy it verbatim, change it slightly, or rewrite large parts.
Q: Can I contact the author? A: firstname.lastname@example.org or email@example.com should work