Data privacy is a major concern today for any organization that manages sensitive data or personally identifiable information (PII). Examples of such data include sensitive customer information such as phone numbers, email addresses and bank information, HR data on employees and financial business data.

This sensitive information is often stored in the database, and it should only be available to specific people on a need-to-know basis. Beyond that need, the sensitive data should not be exposed via the application, or to developers or IT personnel who access the production database directly.

Traditionally, the logic of obfuscating sensitive data has been developed in the application layer, requiring it to be duplicated across all modules and applications accessing the data. Alternatively, special views have been created to avoid exposure of these sensitive data pieces on the database itself, although these can impact database operations and are susceptible to errors. In other cases, third-party tools have been introduced to manage the concealment of the restricted data.

SQL Server 2016 and Azure SQL DB now offer a built-in feature that helps limit access to those particular sensitive data fields: Dynamic Data Masking (DDM).

DDM can be used to hide or obfuscate sensitive data, by controlling how the data appears in the output of database queries. It is implemented within the database itself, so the logic is centralized and always applies when the sensitive data is queried. Best of all, it is incredibly simple to configure DDM rules on sensitive fields, which can be done on an existing database without affecting database operations or requiring changes in application code.

How DDM works

Dynamic Data Masking rules can be defined on particular columns, indicating how the data in those columns will appear when queried. There are no physical changes to the data in the database itself; the data remains intact and is fully available to authorized users or applications. Database operations remain unaffected, and the masked data has the same data type as the original data, so DDM can often be applied without making any changes to database procedures or application code.

To add a data mask on a certain column in your database, all you need to do is alter that column by adding a mask and specifying the required masking type. Here, you can choose default masking, which fully masks out the original value, partial masking where you can specify part of the data to expose, or random masking, which replaces the numeric value with a random value within a specified range. There is also an email masking function, which exposes the first character and keeps the email format.

Full masking:

Configure masking function:

Results:

Partial masking:

Configure masking function:

Results:

You can also configure masking functions on columns at the time of table creation:

Creating a table with Dynamic Data Masking:

Enabling access to privileged users

When configuring Dynamic Data Masking rules, the underlying data is unaffected — so privileged users can still access the real data. Administrators of the database are always exempt from masking, so they will always get the real data when performing queries. You can also specify certain users that will have access to the actual data by assigning them the UNMASK permission:

Assigning the UNMASK permission:

Common questions about DDM

Does DDM apply for all database clients, like Java or Node.js? Yes, query results always contain masked data for nonprivileged users, regardless of the client used to connect to the database.

What happens if a user copies data from a masked column out of the table and into a TEMP table? In this case, the data is masked when it is retrieved from the original table — so it is written to the target table in masked format (unless a privileged user is retrieving it). This means that the original data cannot be restored from the TEMP table. This ensures that users who do not have access to unmasked data cannot expose the real data by copying it elsewhere. Note: To avoid data corruption, be sure to assign database read/write permissions appropriately.

What is the performance impact of using DDM? Since the data masking is performed only at the end of the database query operation, right before the data is returned, the performance impact is minimal and often negligible. You should still validate the exact performance impact for your workload.

https://blogs.technet.microsoft.com/dataplatforminsider/2016/01/25/use-dynamic-data-masking-to-obfuscate-your-sensitive-data/

Part of a comprehensive security solution

Note that Dynamic Data Masking is not a replacement for access control mechanisms, and is not a method for physical data encryption. DDM is intended to simplify the obfuscation of sensitive data by centralizing the logic in your database, but it does not provide complete protection against malicious administrators running exhaustive ad-hoc queries. Dynamic Data Masking is complementary to other SQL Server security features (auditing, encryption, Row-Level Security, etc.) and it is highly recommended to use it in conjunction with them to better protect your sensitive data in the database.

Getting started

You can get started immediately with Dynamic Data Masking to restrict users from seeing sensitive information in your database. All you need to do is identify the sensitive columns in your database and configure data masking for those columns, specifying how much of the data to reveal.

You can learn more about Dynamic Data Masking for SQL Server and for Azure SQL database with the following resources:

See the other posts in the SQL Server 2016 blogging series.

Use Dynamic Data Masking to obfuscate your sensitive data的更多相关文章

  1. Microsoft: Get started with Dynamic Data Masking in SQL Server 2016 and Azure SQL

    Dynamic Data Masking (DDM) is a new security feature in Microsoft SQL Server 2016 and Azure SQL DB. ...

  2. SQL Server 2016 的「動態資料遮罩 (Dynamic Data Masking)」

    一些特別注重資訊安全.個人資料的公司或產業 (如: 金融.保險業),通常「測試用資料庫」的資料,會加上「遮蔽:去識別化」的功能,避免個資外洩.以往必須自己撰寫 SQL 語句或 Stored Proce ...

  3. Azure SQL Database (23) Azure SQL Database Dynamic Data Masking动态数据掩码

    <Windows Azure Platform 系列文章目录> 我们在使用关系型数据的时候,有时候希望: - 管理员admin,可以查看到所有的数据 - 普通用户,某些敏感字段,比如信用卡 ...

  4. SQL Server ->> SQL Server 2016新特性之 -- Dynamic Data Masking

    Dynamic Data Masking是为了防止敏感数据暴露给未经授权的用户,以一种最小开销和维护成本的形式.Dynamic Data Masking用于表的字段,相当于盖住字段数据的一部分.比如一 ...

  5. 数据访问安全--数据库遮罩及断词 Data Masking & Tokenization

    现在大数据时代几乎无隐私,各政府部门各公司都要求实名制(动不动手机认证,身份证号码认证),但又无力确保数据安全,称为乱象. 其实在2011年,我们就接触过数据库遮罩断词产品,一个澳大利亚公司产品. 简 ...

  6. Big Data Analytics for Security(Big Data Analytics for Security Intelligence)

    http://www.infoq.com/articles/bigdata-analytics-for-security This article first appeared in the IEEE ...

  7. SSIS Data Flow 的 Execution Tree 和 Data Pipeline

    一,Execution Tree 执行树是数据流组件(转换和适配器)基于同步关系所建立的逻辑分组,每一个分组都是一个执行树的开始和结束,也可以将执行树理解为一个缓冲区的开始和结束,即缓冲区的整个生命周 ...

  8. Data Being Added Conflicts with Existing Data

    While developing a page with multiple scrolls levels, and especially when using a grid, you may get ...

  9. Competing in a data science contest without reading the data

    Competing in a data science contest without reading the data Machine learning competitions have beco ...

随机推荐

  1. Springboot 1.5.x 集成基于Centos7的RabbitMQ集群安装及配置

    RabbitMQ简介 RabbitMQ是实现了高级消息队列协议(AMQP)的开源消息代理软件(亦称面向消息的中间件). RabbitMQ是一套开源(MPL)的消息队列服务软件,是由LShift提供的一 ...

  2. 在windows上安装redis并设置密码

    在windows上安装redis Redis是一个开源,先进的key-value存储,并用于构建高性能,可扩展的Web应用程序的完美解决方案. Redis从它的许多竞争继承来的三个主要特点: Redi ...

  3. phpmyadmin 修改执行时间

    D:\xampp\phpMyAdmin\libraries\config.default.php $cfg['ExecTimeLimit'] = 0;

  4. BZOJ.4402.Claris的剑(组合 计数)

    BZOJ 因为是本质不同,所以考虑以最小字典序计数. 假设序列最大值为\(m\),那么序列有这两种情况: \(1\ (1\ 2\ 1\ 2...)\ 2\ (3\ 2\ 3\ 2...)\ 3\ (4 ...

  5. BZOJ.3944.Sum(Min_25筛)

    BZOJ 洛谷 不得不再次吐槽洛谷数据好水(连\(n=0,2^{31}-1\)都没有). \(Description\) 给定\(n\),分别求\[\sum_{i=1}^n\varphi(i),\qu ...

  6. 4535 ACM 礼尚往来 数学排列组合

    题目:http://acm.hdu.edu.cn/showproblem.php?pid=4535 题意:每个礼物都不相同的组合个数 数学规律: 将每个女友排序为1···n,对应的女友送男友的礼物排序 ...

  7. PHP的json_encode不兼容JSON_UNESCAPED_UNICODE的解决方案

    PHP5.4才支持JSON_UNESCAPED_UNICODE这个参数,此参数是让中文字符在json_encode的时候不用转义,减少数据传输量.但在PHP5.3中,就得自己写个函数来实现,以下就是解 ...

  8. 修改Chrome启动参数解决跨域问题

    这个做法仅仅是针对自己本机,只是一个权宜方案 --disable-web-security --user-data-dir=本地用户信息目录 之后启动Chrome浏览器即可

  9. 3ds max学习笔记(五)--操作工具

    一些快捷:移动,旋转,缩放右键可调整数据或者直接右键点开也可以看到或者快捷键W,E,R 复制物体:摁住shift+移动工具,往想要复制的位置拖拽(实例方式复制)亦可选择多个父对象

  10. csrf 跨站请求伪造相关以及django的中间件

    django为用户实现防止跨站请求伪造的功能,通过中间件 django.middleware.csrf.CsrfViewMiddleware来完成. 1.django中常用的中间件? - proces ...