
I'm looking for a way to protect the identity of people in my SQL database. The database has rows containing a unique hash that represents a person and personal data about this person. The idea is that certain personal/medical data is hashed so anyone can add/edit/delete columns and anyone can request columns but can never request the unique hashes.

Representation database:

Joe+1994 --> q4y23z

| Hash   | Age | Height | Smoker |
|--------|-----|--------|--------|
| q4y23z | 21  | 200cm  | 0      |
| r8h32l | 21  | 100cm  | 1      |
| 9itj5b | 21  | 100cm  | 1      |

This all works fine but the database is very small at this moment. If someone knows that I am represented in this database and knows that I for instance am a non-smoker and am 2m tall then this person will discover my identity and other personal data. Is there any known technique to limit the access to certain columns until the amount of rows is large enough to provide anonymity?

Sincerely,

Joe

Joe Harrison
  • Which DBMS are you using? Most modern DBMS allow fine-grained privileges on which columns a user is allowed to retrieve. –  Nov 22 '15 at 14:43
  • I agree with @a_horse_with_no_name. Security is the way you should accomplish this. On the other hand if you just need a surrogate key, then I'd recommend using a GUID, not a hash. You don't want to have to deal with hash collisions. – Bacon Bits Nov 22 '15 at 14:46
  • Another way of limiting the columns able to be seen is to use views? – Ryan Vincent Nov 22 '15 at 14:52
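
One way to combine the view suggested in the comments with a minimum group size, as an added example that is not part of the original thread. It uses SQLite through Python because the DBMS is not stated; `height_cm`, `people_public`, `build_db`, `release` and the threshold `K = 2` are assumptions, and it goes beyond the question's case by suppressing any value combination shared by fewer than `K` rows, whichever columns are requested.

```python
import sqlite3

ALLOWED = ("age", "height_cm", "smoker")  # the hash column is never requestable
K = 2  # assumed minimum group size; choose it for your own risk tolerance


def build_db():
    """In-memory database holding the question's three sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE people (hash TEXT PRIMARY KEY, age INT, height_cm INT, smoker INT);
        INSERT INTO people VALUES
            ('q4y23z', 21, 200, 0),
            ('r8h32l', 21, 100, 1),
            ('9itj5b', 21, 100, 1);
        -- View as suggested in the comments: every column except the hash.
        CREATE VIEW people_public AS SELECT age, height_cm, smoker FROM people;
    """)
    return conn


def release(conn, columns, k=K):
    """Return (values..., count) for each combination shared by at least k rows."""
    bad = [c for c in columns if c not in ALLOWED]
    if bad or not columns:
        raise ValueError(f"columns not requestable: {bad}")
    cols = ", ".join(columns)  # safe to interpolate: each name is in ALLOWED
    sql = (f"SELECT {cols}, COUNT(*) FROM people_public "
           f"GROUP BY {cols} HAVING COUNT(*) >= ? ORDER BY {cols}")
    return conn.execute(sql, (k,)).fetchall()


if __name__ == "__main__":
    db = build_db()
    print(release(db, ["age"]))                  # all three rows share age 21
    print(release(db, ["height_cm", "smoker"]))  # the single 200cm non-smoker is withheld
```

On a server DBMS the same view would be paired with `GRANT SELECT` on the view only, so the base table and its hash column stay unreadable. A per-query threshold does not stop someone from combining several released results, so it limits this risk rather than removing it.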

0 Answers