Integrity control of masked database foreign key

Authors

  • Михаил Владимирович Коломыцев NTUU "KPI"
  • Светлана Александровна Носок NTUU "KPI"
  • Анастасия Евгениевна Мазуренко NTUU "KPI"

DOI:

https://doi.org/10.18372/2410-7840.17.9789

Keywords:

database, personal data protection, data masking, private data, information system.

Abstract

The paper is about the actual problem of information protection in databases. The authors examine the method of data protection by masking. The essence of data masking is irreversible replacement of confidential information in the database (such as data identifying specific people) with non–sensitive data to prevent access of unauthorized users. Normally, the confidential data is replaced with data similar to real values that they can be used in the test systems with the assurance that the original data can not be obtained, extracted or recovered. Data masking involve replacing the initial confidential data (such as identifying specific people data) to other, hiding the original values. The masked data must remain functionally suitable for application processing (mainly testing problems, tuition, etc.). In this paper, the authors propose a method of static data masking through substitution, providing masking the primary key and foreign keys integrity of the database. This method is implemented as a stored procedure for data base management system (DBMS) MS SQL Server.

Author Biographies

Михаил Владимирович Коломыцев, NTUU "KPI"

candidate of technical sciences, associate professor of Physico-Technical Institute of the NTUU "KPI".

Светлана Александровна Носок, NTUU "KPI"

candidate of technical sciences, associate professor of Physico-Technical Institute of the NTUU "KPI".

Анастасия Евгениевна Мазуренко, NTUU "KPI"

student of the Physico-Technical Institute of the NTUU "KPI".

References

Ahmed W. Data Masking Best Practice [Электронный ресурс] / W. Ahmed, J. Athreya. – 2013. – Режим до-ступа: http://www.oracle.com/us/products/data-base/data–masking–best–practices–161213.pdf.

Закон України «Про захист персональних даних» від 20.12.2012 №2297– VI.

Коломыцев М.В., Южаков А.М. Защита персональ-ных данных методом маскирования / М. В. Коломыцев, А. М. Южаков // Захист інформації. – 2013. – Т. 15, № 4. – С.382-387. – Режим до-ступа: http://nbuv.gov.ua/j–pdf/Zi_2013_15_4_17.pdf

Understanding and Selecting Data Masking Solutions: Creating Secure and Useful Data [Электронный ресурс]. – 2012. – Режим доступа: https://securo-sis.com/assets/library/reports/UnderstandingMask-ing_FinalMaster_V3.pdf.

The Five Laws Of Data Masking [Электронный ресурс]. – 2008. – Режим доступа: https://securo-sis.com/blog/the–five–laws–of–data–masking.

Get started with SQL Database Dynamic Data Masking (Azure portal) [Электронный ресурс] – Режим доступа: https://azure.microsoft.com/en–us/documen-tation/articles/sql–database–dynamic–data–masking–get–started–portal/.

A Globally Optimal k–Anonymity Method for the De–Identification of Health Data [Электронный ресурс] / [K. El Emam, F. Dankar, R. Issa и др.]. – 2009. – Режим доступа: http://jamia.oxfordjournals.org/content/16/5/670.full.

Haldeman J. Compare IBM data masking solutions: In-foSphere Optim and DataStage [Электронный ресурс] / John Haldeman. – 2012. – Режим доступа: http://www.ibm.com/developerworks/data/li-brary/techarticle/dm–1211maskingsolution/.

Published

2015-12-16

Issue

Section

Articles