Translucent databases

Yesterday I mentioned that Bruce Schneier quote that illustrates why not to use meaningful data as a database identifier. The best (or at least better than usual) way to go is with cryptographic hashes for keys, writes Simson Garfinkel, author of Web Security, Privacy, and Commerce for O'Reilly, in Protecting privacy with translucent databases. Translucent databases is apparently the name given the technique by Peter Wayner, author of a book of the same name.

It's a funny name: the point (at least of the hash bit) is that the actual data is totally opaque behind the cryptographic hash. I guess the idea of translucency is that "there's no there there." You look at the database and don't actually see anything. Even if the name is odd, the idea is sound enough (enough so that one wouldn't think it'd need a catchy buzzword).

The Unix password file is the one translucent database that is in wide use today. ... Instead of storing the actual passwords, Unix stores passwords that have been processed with a one-way hash function.

Only problem with that is, if you need to give someone else the, say, credit card numbers from your database, you can't if they're hashed. So you can't always use this technique--but A+++ good-on-ya if you can get away with it in yours.
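To make both the idea and its limitation concrete, here is an added example (not from Garfinkel's article or Wayner's book) of a table keyed by a one-way hash of the identifier. It assumes HMAC-SHA256 with a secret held outside the database as the hash, which is a choice made here; the identifiers, notes, secret and function names are all constructed for illustration.

```python
import hashlib
import hmac
import sqlite3

# Constructed sample data: identifiers and notes are invented for this example.
SAMPLE = [("123-45-6789", "allergy: penicillin"), ("987-65-4321", "allergy: none")]
# Assumption: a per-database secret kept outside the database (placeholder value).
DB_SECRET = b"example-secret-stored-outside-the-db"


def opaque_key(identifier: str, secret: bytes = DB_SECRET) -> str:
    """One-way, deterministic key: HMAC-SHA256 of the normalized identifier."""
    normalized = identifier.replace("-", "").strip()
    return hmac.new(secret, normalized.encode(), hashlib.sha256).hexdigest()


def build_db(rows):
    """Create an in-memory table that stores only the hashed key and the payload."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE records (k TEXT PRIMARY KEY, note TEXT NOT NULL)")
    db.executemany("INSERT INTO records VALUES (?, ?)",
                   [(opaque_key(i), note) for i, note in rows])
    return db


def lookup(db, identifier: str):
    """Someone who already knows the identifier can still find the row."""
    row = db.execute("SELECT note FROM records WHERE k = ?",
                     (opaque_key(identifier),)).fetchone()
    return row[0] if row else None


def stored_keys(db):
    """What a reader of the raw table sees: hex digests, never the identifier."""
    return [k for (k,) in db.execute("SELECT k FROM records ORDER BY k")]


if __name__ == "__main__":
    db = build_db(SAMPLE)
    print(lookup(db, "123-45-6789"))   # found: caller supplied the identifier
    print(lookup(db, "000-00-0000"))   # not in the table
    print(stored_keys(db))             # nothing here can be handed on as an identifier
```

The table answers "do you have a record for this identifier?" but has no column from which the identifiers could be exported, which is exactly the trade-off described above. The secret matters because short, structured identifiers come from a small space, so an unkeyed hash alone would not keep them opaque.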