|
|
|
|
|
Customers are collaborators; you want customers IN, not OUT |
|
In simple and perfect systems they cannot access
private areas, but |
|
System
failures - trap doors, etc. abound |
|
Release checking provides a backstop and
intrusion detection |
|
Updates
for customer convenience create unexpected interactions |
|
Helpful query modification broadens access |
|
New
usages were not foreseen during design partitioning |
|
Customer access to inventory for rapid
supply-line verification |
|
New, unthought of collaborators -- Russians in
Kosovo need access to info |
|
Techniques --
much content has signatures that are (nearly) unique |
|
Check to stop credit card numbers in outgoing
data, as from music sites |
|
Check to stop email addresses in outgoing
reports |
|
Don’t rely exclusively on access control when
the objective is to protect
release of private information ! |