Posted: Tue Aug 03, 2010 2:24 am Post subject: Database Security/Privacy Design
I wish to secure the identity of the creator of a transaction in a database such that any small number of key holders from a large pool of key holders (say any 3 randomly chosen from a pool of 200) can unlock that identity if they unanimously agree.
I'd like to make it difficult if not impossible for administrators and coders of the system to unlock the identity without the say so of the key holders.
This security is not mission critical but I would like the design to stand up to to rigorous security analysis for marketing purposes.
Could anyone point me to the right forum to post this, or to a link if similar design criteria has been solved?
We want to share N secrets among M people so that any M < N of them (M of N) can regenerate the original information, but no smaller group up to M − 1 can do so. There are mathematical problems of this type, such as the number of points needed to identify a polynomial of a certain degree (used in Shamir's scheme), or the number of intersecting hyperplanes needed to specify a point (used in Blakley's scheme). We can hand out data specifying any number of points on the curve, or hyperplanes through the point, without altering the number needed to solve the problem and, in our application, access the protected resource.
Its certainly not the easiest thing to implement. If the security is not mission critical then don't put it in. I mean there is no point coding some fancy security system if don't need it, you could introduce a plethora of other problems along with it.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum