Elevated Rights when making rest calls In Cloud Environment

I recently have been exploring the Claims Map and Claims Template files and their impact on Rest call privileges. I still have some questions around REST calls and security.

Is it possible to write a script based customization and expose data to unauthenticated users securely (not hard coding elevated credentials into javascript code)?
Is it possible to elevate rights at the field level of a table. So a user could for example update one field in a table, but not others? Or are we restricted to read, create, update, delete against all fields or none?