Rechercher dans le manuel MySQL
6.4.8 MySQL Enterprise Data Masking and De-Identification
[+/-]
- 6.4.8.1 MySQL Enterprise Data Masking and De-Identification Components
- 6.4.8.2 Installing or Uninstalling MySQL Enterprise Data Masking and De-Identification
- 6.4.8.3 Using MySQL Enterprise Data Masking and De-Identification
- 6.4.8.4 MySQL Enterprise Data Masking and De-Identification User-Defined Function Reference
MySQL Enterprise Data Masking and De-Identification is an extension included in MySQL Enterprise Edition, a commercial product. To learn more about commercial products, https://www.mysql.com/products/.
As of MySQL 8.0.13, MySQL Enterprise Edition provides data masking and de-identification capabilities:
Transformation of existing data to mask it and remove identifying characteristics, such as changing all digits of a credit card number but the last four to
'X'characters.Generation of random data, such as email addresses and payment card numbers.
The way that applications use these capabilities depends on the purpose for which the data will be used and who will access it:
Applications that use sensitive data may protect it by performing data masking and permitting use of partially masked data for client identification. Example: A call center may ask for clients to provide their last four Social Security number digits.
Applications that require properly formatted data, but not necessarily the original data, can synthesize sample data. Example: An application developer who is testing data validators but has no access to original data may synthesize random data with the same format.
Example 1:
Medical research facilities can hold patient data that comprises a mix of personal and medical data. This may include genetic sequences (long strings), test results stored in JSON format, and other data types. Although the data may be used mostly by automated analysis software, access to genome data or test results of particular patients is still possible. In such cases, data masking should be used to render this information not personally identifiable.
Example 2:
A credit card processor company provides a set of services using sensitive data, such as:
Processing a large number of financial transactions per second.
Storing a large amount of transaction-related data.
Protecting transaction-related data with strict requirements for personal data.
Handling client complaints about transactions using reversible or partially masked data.
A typical transaction may include many types of sensitive information, including:
Credit card number.
Transaction type and amount.
Merchant type.
Transaction cryptogram (to confirm transaction legitimacy).
Geolocation of GPS-equipped terminal (for fraud detection).
Those types of information may then be joined within a bank or other card-issuing financial institution with client personal data, such as:
Full client name (either person or company).
Address.
Date of birth.
Social Security number.
Email address.
Phone number.
Various employee roles within both the card processing company and the financial institution require access to that data. Some of these roles may require access only to masked data. Other roles may require access to the original data on a case-to-case basis, which is recorded in audit logs.
Masking and de-identification are core to regulatory compliance, so MySQL Enterprise Data Masking and De-Identification can help application developers satisfy privacy requirements:
PCI – DSS: Payment Card Data.
HIPAA: Privacy of Health Data, Health Information Technology for Economic and Clinical Health Act (HITECH Act).
EU General Data Protection Directive (GDPR): Protection of Personal Data.
Data Protection Act (UK): Protection of Personal Data.
Sarbanes Oxley, GLBA, The USA Patriot Act, Identity Theft and Assumption Deterrence Act of 1998.
FERPA – Student Data, NASD, CA SB1386 and AB 1950, State Data Protection Laws, Basel II.
The following sections describe the components of MySQL Enterprise Data Masking and De-Identification, discuss how to install and use it, and provide reference information for its components.
Nederlandse vertaling
U hebt gevraagd om deze site in het Nederlands te bezoeken. Voor nu wordt alleen de interface vertaald, maar nog niet alle inhoud.Als je me wilt helpen met vertalingen, is je bijdrage welkom. Het enige dat u hoeft te doen, is u op de site registreren en mij een bericht sturen waarin u wordt gevraagd om u toe te voegen aan de groep vertalers, zodat u de gewenste pagina's kunt vertalen. Een link onderaan elke vertaalde pagina geeft aan dat u de vertaler bent en heeft een link naar uw profiel.
Bij voorbaat dank.
Document heeft de 26/06/2006 gemaakt, de laatste keer de 26/10/2018 gewijzigd
Bron van het afgedrukte document:https://www.gaudry.be/nl/mysql-rf-data-masking.html
De infobrol is een persoonlijke site waarvan de inhoud uitsluitend mijn verantwoordelijkheid is. De tekst is beschikbaar onder CreativeCommons-licentie (BY-NC-SA). Meer info op de gebruiksvoorwaarden en de auteur.
Referenties
Deze verwijzingen en links verwijzen naar documenten die geraadpleegd zijn tijdens het schrijven van deze pagina, of die aanvullende informatie kunnen geven, maar de auteurs van deze bronnen kunnen niet verantwoordelijk worden gehouden voor de inhoud van deze pagina.
De auteur Deze site is als enige verantwoordelijk voor de manier waarop de verschillende concepten, en de vrijheden die met de referentiewerken worden genomen, hier worden gepresenteerd. Vergeet niet dat u meerdere broninformatie moet doorgeven om het risico op fouten te verkleinen.
