Dynamic Data Masking
Lianja supports user roles and permissions for UI elements and these user roles extend into the core of the database engine to provide dynamic data masking (DDM).
You manage Dynamic Data Masks in the "Users" workspace.
Dynamic data masking (DDM) limits sensitive data exposure by masking it to non-privileged users. It can be used to greatly simplify the design and coding of security in your application. Dynamic data masking helps prevent unauthorized access to sensitive data by providing the ability to designate how much of the sensitive data to reveal with minimal impact on the application layer. DDM can be configured on the database to hide sensitive data in the result sets of queries over designated database fields, while the data in the database is not changed. Dynamic data masking is easy to use with existing applications, since masking rules are applied in the query results. Many applications can mask sensitive data without modifying existing queries.
Contents
Managing Dynamic Data Masks Declaratively
You manage dynamic data masks in the users workspace or alternatively in the Lianja Admin Console.
Dynamic Data Masks in the Users Workspace
This is where you enter details for dynamic data masks: data masks that will be applied to specified columns in a specified database table for one or more roles.
Fields
| Field | Description |
|---|---|
| Domain | Domain or tenancy for the user. |
| Database | Name of the database. |
| Table | Name of the table. |
| Column | Name of the column. |
| Role | Comma-separated list of roles. |
| Mask | The mask to be applied: default, partial, email or encrypted. |
Data is stored in the system!sysdatamasks table.
Toolbuttons
| Button | Description |
|---|---|
| Add | After filling in the fields, click the Add button to create the new mask definition. |
| Update | After selecting a mask definition and changing the fields, click the Update button to commit the changes. |
| Delete | After selecting a mask definition, click the Delete button to delete the selected mask definition. |
| Clear | Click the Clear button to clear the fields, so no mask definition is selected. |
| Refresh | Click the Refresh button to reread the sysdatamasks system table and refresh the Dynamic Data Masks display. |
