this is a question we've been tackling as well. So far, our
best solution that by-passes any security issues is using simpledb
and defining your data objects from the flex app. For example, if
you have a social security number in the database that is never
seen by anybody except on signup, then don't define the 'column' in
the compiled app. We'll have more on this in the coming days, but
feel free to poke around smashedapples.com in a week or so when we
release a public ami for ec2.