• To: "'Hunsberger, Peter'" <Peter.Hunsberger@S...>, w3c@d...
• Subject: RE: Are people really using Identity constraints specified in XML schema?
• From: "Bullard, Claude L (Len)" <len.bullard@i...>
• Date: Fri, 20 Aug 2004 13:50:08 -0500
• Cc: "Thomas B. Passin" <tpassin@c...>, xml-dev@l...

That used to be called the 'mosaic problem' in 
security circles years ago.  Enough 'no's outline 
the shape of the thing.  If you need to protect 
the thing, you have to return an answer of 
"I cannot confirm or deny.." and then they
know something is important but not exactly what.
Meanwhile, the repeated attempts and negative 
answers emit a pattern of behavior that can 
be detected which is why we have time/node 
stamps on queries and all of that metadata 
is [expletive deleted] up cycles.  So yeah, hardware indeed.

Sigh... so much spy vs spy work.

len


From: Hunsberger, Peter [mailto:Peter.Hunsberger@S...]

It's got nothing to do with content, rather it's the problem that
privacy rules (business rules) can be violated by negative responses.
To work around that requires that you understand the context of the
query and the results in combination with each other. This is one of
those areas, where if you have to solve the problem, you can likely
justify throwing non-trivial amounts of hardware at it...

• Follow-Ups:
  • RE: Are people really using Identity constraints specif ied in XML schema?
    • From: w3c@d...

• Prev by Date: RE: Are people really using Identity constraints specified in XML schema?
• Next by Date: RE: Are people really using Identity constraints specified in XML schema?
• Previous by thread: RE: Are people really using Identity constraints specified in XML schema?
• Next by thread: RE: Are people really using Identity constraints specif ied in XML schema?
• Index(es):
  • Date
  • Thread