Thanks to the 'algorithm king' at Allegro (aka. Stan Sieler), I've got just
the sort of algorithm I needed. For those of you who responded, again thank
you.
Over the past couple of weeks, I've managed to get Active Server Pages, NT
4.0, ODBCLINK/SE and MPE 6.0 talking to each other well enough to put
together a prototype web site for selling Opera, Symphony and Ballet
tickets, with REAL TIME seating assignment. I'm using ALLBASE stored
procedures to pull all of the data out of an IMAGE/SQL database. The stored
procedures each return one or more rows of data that is then formatted
using MS Frontpage and Active Server pages. This technique is proving to be
very fast because all the work is being done on the HP and ODBC is
responsible only for transmitting a maximum of ten (or so) rows of data.
Opera tickets, in particular, are very expensive. A pair of good tickets
can easily run in excess of $300 - $400 dollars, often much more. So, my
request for a random algorithm for a session ID was needed so that no
hacker could predict the next (or prior) session id in a sequence of large
monetary transactions. In my case, I'll pass the TCP/IP address of the
remote host (proxy or web browser) as a parameter to the stored procedure.
This will be seed 1. Seed 2 will based on the time at the start of a
transaction (reversed so that seconds are followed by minutes, by hours,
etc). This should yield two highly variable, but readily available seeds.
This is VERY interesting work...
Gary L. Biggs, N5TTO
[log in to unmask]
Interex SIG Allbase Chair, 1999 HamCom Program Chair
"Abandon all hope, Ye who Inter(net) here" --
Dante, over the portal(router) to Hell
|