Protection of the personal data by data masking method

Authors

  • Михайло Володимирович Коломицев Національний технічний університет України «Київський політехнічний інститут»
  • Анатолій Михайлович Южаков Національний технічний університет України «Київський політехнічний інститут»

DOI:

https://doi.org/10.18372/2410-7840.15.5732

Keywords:

data base, personal data, protection of the personal data, data masking, confidential data, information system

Abstract

In accordance to a law on the protection of the personal data, proprietors of bases of the personal information are under an obligation to provide their defence. By the basic type of depository for the personal information there is a database in the informative system. Practice of development of the informative systems shows that except for a productive (basic) database there is a task of creation of its copies, unproductive (test) databases. To use such universal mechanism in test databases, as cryptography, for the protection of the personal data is not always possible. Reason to that not only the known legislative limitations but also that test databases must be functionally equivalent a production database. It means that the protected information must be presented in a kind, not defiat integrity of database (both integrity on references and on belonging of information to the certain domain). For the protection of the personal data it is possible to take approach in such situation, which is named data masking method. Essence of this method, his actuality, requirements to realization, opens up in this article. Authors offer developed by them as a programming code of protection of the personal data in the environment of MS SQL Server.

Author Biographies

Михайло Володимирович Коломицев, Національний технічний університет України «Київський політехнічний інститут»

PhD, reader of Information Security Cathedra, National Technical University of Ukraine «Kiev Polytechnic Institute».

Анатолій Михайлович Южаков, Національний технічний університет України «Київський політехнічний інститут»

technician of Informatization Department, National Technical University of Ukraine «Kiev Polytechnic Institute».

References

Закон Украши «Про захист персональних даних» вЦ 01.06.2010 №2297-VI (редакцш станом на 09.06.2013) [Електронний ресурс]. — Режим до¬ступу http://zakon.rada.gov.ua/go/2297-17

Data masking [Электронный ресурс]. — Режим до¬ступа: http://en.wikipedia.org/wiki/Data_masking.

Data Masking [Электронный ресурс]. — Режим до¬ступа: http://www.datamasking.com/solutions/ products/datamasking.

Data Masking Best Practice [Электронный ресурс]. — Режим доступа: http://www.oracle.com/us/ products/database/data-masking-best-practices- 161213.pdf.

Dynamic Data Masking [Электронный ресурс]. — Режим доступа: http://www.data-integration.ru/ products/section323/section331.

IBM представила ПО для маскировки закрытых данных [Электронный ресурс]. — Режим доступа: http:// www.securitylab.ru/news /301841.php.

The Five Laws of Data Masking [Электронный ре¬сурс]. — Режим доступа: https://securosis.com /blog/the-five-laws-of-data-masking.

Understanding and Selecting Data Masking Solutions: Creating Secure and Useful Data [Электронный ре¬сурс]. — Режим доступа: https://securosis.com /as- sets/library/reports/UnderstandingMasking_Final- Master_V3.pdf.

A law of Ukraine «On the protection of the personal data» by 01.06.2010 №92297- VI (a release is by the state on 09.06.2013) [electronic resource]. — Mode access: http:// zakon.rada.gov.ua/go/2297-17.

Data masking [electronic resource]. — Mode access: http://en.wikipedia.org/wiki/Data_masking.

Data Masking [electronic resource]. — Mode access: http://www.datamasking.com/solutions/prod- ucts/datamasking.

Data Masking Best Practice [electronic resource]. — Mode access: http://www.oracle.com/us/products /database/data-masking-best-practices-161213.pdf.

Dynamic Data Masking [electronic resource]. — Mode access: http://www.data-integration.ru/products /section323/section331.

IBM presented products for data protection [elec¬tronic resource]. — Mode access: http://www. secu- ritylab.ru/news /301841.php.

The Five Laws of Data Masking [electronic resource].

— Mode access: https://securosis.com/blog/the-five- laws - of- data-masking.

Understanding and Selecting Data Masking Solutions: Creating Secure and Useful Data [electronic resource].

— Mode access: https://securosis.com/assets/ library/reports/UnderstandingMasking_FinalMaster _V3.pdf.

Downloads

Issue

Vol. 15 No. 4 (2013)

Section

Articles

License

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).