Monday, February 11, 2013

One sequence per table or one sequence per database

Let us assume that you are implementing RESTful APIs for your service. Your service has the following two models: users and tweets. While inserting new entities, you should genertate IDs. The IDs for each of these models can be generated in two ways:
  1. You can use a sequence (if you are using Oracle) or autoincrement feature (if you are using MySQL) to have per model IDs.
  2. You can use a global sequence for all the models.
If you are following the first strategy, you will have user IDs 1, 2, 3, 4, etc. and tweet IDs 1, 2, 3, 4, etc. If you are following the second strategy, you will have user IDs 1, 3, 4, 8, etc. and the tweet IDs 2, 5, 6, 7, etc. 

Thinking about it, I felt that using the first strategy will leak information. Consider some one doing a tweet every day at 10:00 AM and get the tweet ID. If first day the tweet ID is 100, and the second day the tweet ID is 200, etc. That person can infer that your system is receiving 100 tweets/day. I don't know how sensitive this information can be.

I would appreciate your thoughts. Please share them in comments.

No comments: