Dynamic Data Masking

From Lianjapedia
Jump to: navigation, search

Lianja supports user roles and permissions for UI elements and these user roles extend into the core of the database engine to provide dynamic data masking (DDM).

Bm-noteicon.png
Quick Start Guide

You manage Dynamic Data Masks in the "Users" workspace.

Dynamic data masking (DDM) limits sensitive data exposure by masking it to non-privileged users. It can be used to greatly simplify the design and coding of security in your application. Dynamic data masking helps prevent unauthorized access to sensitive data by providing the ability to designate how much of the sensitive data to reveal with minimal impact on the application layer. DDM can be configured on the database to hide sensitive data in the result sets of queries over designated database fields, while the data in the database is not changed. Dynamic data masking is easy to use with existing applications, since masking rules are applied in the query results. Many applications can mask sensitive data without modifying existing queries.

Bm-dynamicdatamasks.png

Managing Dynamic Data Masks Declaratively

You manage dynamic data masks in the users workspace or alternatively in the Lianja Admin Console.


Dynamic Data Masks in the Users Workspace

This is where you enter details for dynamic data masks: data masks that will be applied to specified columns in a specified database table for one or more roles.

Fields

Field Description
Domain Domain or tenancy for the user.
Database Name of the database.
Table Name of the table.
Column Name of the column.
Role Comma-separated list of roles.
Mask The mask to be applied: default, partial, email or encrypted.

Data is stored in the system!sysdatamasks table.

Toolbuttons

Button Description
Add After filling in the fields, click the Add button to create the new mask definition.
Update After selecting a mask definition and changing the fields, click the Update button to commit the changes.
Delete After selecting a mask definition, click the Delete button to delete the selected mask definition.
Clear Click the Clear button to clear the fields, so no mask definition is selected.
Refresh Click the Refresh button to reread the sysdatamasks system table and refresh the Dynamic Data Masks display.