dbsec-凯发k8游戏

dbsec data security products and services

lower the data breach risks,prevent sensitive data from being threatened,and meet the requirements of laws and regulations

data security products series

dbsec data masking system (dms)

product overview

dbsec data masking system (dms) is a professional data masking product of extracting, blanching, and dynamically masking the data in production environment.

dms meets the masking requirement from various scenario: test, development, training, data analysis and data sharing.

dms compliance with the requirements in finance industry, insurance industry, energy industry, government industry, healthcare industry, education industry, etc.

product values

privacy data management policy compliance

dms helps organizations meet the sensitive data protection regulations in test and develop process required by international standard and industry monitor policies:

◆eu general data protection regulation

◆guidance on information technology in the 12th five-year plan of banking industry

◆cbrc guidelines for information technology risk on-site inspection

◆information security technology-baseline for classified cybersecurity protection

◆notice of the general office of the national health and family planning commission on printing and distributing the application function guidance of the hospital information platform (planning letter of national health office〔2016〕no.1110)

improve the security of data maintenance and sharing

dms ensures the validity (maintain the original data type and business format), integrity (maintin the length, and data content no loss), relation (maintain the relationship between tables and between datas within a table) of the masked data through built-in policies and algorithms, to enhance its validity in testing, developing and training.

dms identifies the accessors to production database with multiple identity dimensions, such as username, ip address, tool type, time, etc., to control their query results are various from each other. the return results could be real data or masked data, controlled by the affect row number, or directly blocked.

dms provides different policies for accessors, to fine-grained control the access to production data. such as, dba can maintain the database, but can’t get the sensitive data, while business system can access to the real data, and bi system can only get the treated user information, etc.

prevent sensitive data branches in production database

dms provides sensitive data to a third-party user after disordering them, such as id number, address, bank card number, telephone number, etc., to prevent sensitive data branches from the production database. dms partly abstracts the producted or bleached data, to achieve the minimized data set in non-production environment.

product advantages

static masking technology with high utility

dms provides abundant built-in masking algorithms, flexible and streamlined policies and solutions. it can mask multiple data types, helps organizations to carry out deployment quickly without change business process, efficiently decreases the masking complexity and risk, and control the masking cost.

◆intelligence: dms has good identify capability of sensitive data. it identifies and masks sensitive data automatically according to their features with no rely on the original definition of tables and fields.

◆validity: dms ensures the masked data accuratedly reflect the business attribution and data distribution features of the original data. masked data should keep its readability, such as the name, address, illness, enterprise name, etc., and could match the data rules of business system and pass the validity verification of business system, such as the verification of id number, check code of bank card number, birthday data section, valid issuing bank information, age and birthday, etc.

◆integrity: the masked data is still complete. dms won’t change the original length of data, and doesn’t include invalid information while masking, to ensure the masked data can match the definition of target data and prevent the possible storage problems.

◆relevance: the masked data can keep strictly its original data relation and match the data relation features of business system, such as, when id number appears in many tables, they masked to be the same. moreover, the data with time order should also in their time order after masked.

◆reversibility: with the popularity of data analysis, third-party organizations and internal analysis teams need to restore the analysis results of masked data to business data, so as to form real analysis results. dms provides reversible reduction of masked data.

◆repeatability and unrepeatability: dms provides the capability of repetitive data masking, to ensures the data valid correlation in the incremental environment and in different rounds of masking. it provides the unrepeatable capability as well, to ensures the masked datas are different in different masking rounds, to prevents the restoring of masked data.

◆rich data source: dms can masking the international mainstream databases and domestic databases, supports masking the hive big data and the structured files such as txt, csv, etc., supports masking the unstructured files such as excel, html, xml, etc., supports masking the dump files, and also supports masking the standard agreement document in fund industry.

◆large-scale data masking: with the rapid development of various businesses, business production system developed and accumulated a great amount of sensitive information, makes the large-scale data masking becomes the application scenario of many enterprises. through the continuous product improvement, dms now can complete the masking task efficiently of the data on tb level with high quality.

protect the dynammic masking technology in real-time

dms provides the dynamic masking capability with high realibility. through the tandem deployment mode, dms addresses the database protocal, filters the data based on the user roles and rules, and masks the sensitive data. to understand the typical dynamic masking result, you can imagine that there is a business manager on the left, who has the privilege to access to real data; the part-time system administer is in the middle, who can only read the masked data that won’t affect the completion of their daily system management; the developer, tester and analyst are on the right, who needs access to the specific data and are not depend on the authenticity of the data.