
UNDER THE GUIDANCE OF

Prof. MANJUNATH T N

BY
ANJALI ARIGELA GEETHA H S NAVYA P PALLAVI H

Definition: the relationship between technology and the expectation of privacy in the collection and sharing of personally identifiable information.

Includes: names, SSNs, addresses, phone numbers, credit card numbers, financial records, medical records, etc.
Information is an organization's most valuable asset.

DATA MASKING - The data is replaced with realistic but not original data.
OBJECTIVE - To keep sensitive information from being made available to the outside world. It provides a copy of the production data in support of the development environment, and in this way it controls the leakage of data. Data masking is designed to be repeatable so that referential integrity is maintained.
For example, consider a situation where the users of the test, development or training databases do not need to see the actual sensitive information; only the data they require for alteration is sufficient. To alter that sensitive information, we make use of effective data masking techniques.

Substitution
Shuffling
Number and date variance
Encryption
Nulling out or deletion
Masking out
Row-internal synchronization
Table-internal synchronization
Table-to-table synchronization

Substitution: replaces the existing data with information that looks similar but is completely unrelated to the real details. Ex: the telephone numbers of a customer are sanitized using a list of available phone numbers.

09876784362 (this is the original number; it is masked using the list of phone numbers present in the table)

09987162628 (after masking, the number may be saved as any other number)
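A repeatable form of the substitution described above, shown as an added example that is not part of the original slides. It generates the substitute from a keyed hash instead of looking it up in a list, so the same original always maps to the same masked number and rows in different tables still match; the key, table layout and function names are assumptions.

```python
import hashlib
import hmac

# Assumption: the masking key is a secret stored outside the masked copy.
MASKING_KEY = b"constructed-demo-key"


def mask_phone(original: str, key: bytes = MASKING_KEY) -> str:
    """Replace an 11-digit number with an unrelated one of the same shape.

    The substitute is derived from a keyed hash of the original, so the same
    input always yields the same output without storing a mapping table.
    """
    digest = hmac.new(key, original.encode(), hashlib.sha256).digest()
    nine_digits = int.from_bytes(digest[:8], "big") % 10**9
    return "09" + f"{nine_digits:09d}"  # keep the "09" prefix and the length


def mask_table(rows, column):
    """Return a copy of rows with one column masked."""
    return [{**row, column: mask_phone(row[column])} for row in rows]


def join_counts(left, right, column):
    """For each left row, count the right rows that share its column value."""
    return [sum(r[column] == l[column] for r in right) for l in left]


# Constructed sample tables that reference each other by phone number.
CUSTOMERS = [{"id": 1, "phone": "09876784362"},
             {"id": 2, "phone": "09812345678"}]
CALLS = [{"call": 10, "phone": "09876784362"},
         {"call": 11, "phone": "09812345678"},
         {"call": 12, "phone": "09876784362"}]

if __name__ == "__main__":
    masked_customers = mask_table(CUSTOMERS, "phone")
    masked_calls = mask_table(CALLS, "phone")
    print(masked_customers)
    # The customer-to-call relationship survives masking.
    print(join_counts(masked_customers, masked_calls, "phone"))
```

Anyone holding the key can recompute the mapping for a guessed number, so the key needs the same protection as the production data.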


Shuffling: this technique uses the existing data as its own substitution dataset and moves the data between rows in such a way that no values are present in their original rows. It is similar to substitution, except that the substitution data is derived from the column itself.
The only danger with this is that the data is still present.
Not effective for small amounts of data.
Advantage: for large amounts of data; fast.
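One way to implement the shuffle so that no row keeps its own value, including the small-data failure case, as an added example that is not from the original slides. The function name and the sample salary column are constructed for illustration.

```python
import random
from collections import Counter


def shuffle_column(values, rng=None):
    """Return the same values in a new order where no row keeps its own value.

    Raises ValueError when that is impossible: fewer than two rows, or one
    value filling more than half of the column.
    """
    rng = rng or random.SystemRandom()
    n = len(values)
    most_common = max(Counter(values).values()) if values else 0
    if n < 2 or 2 * most_common > n:
        raise ValueError("column too small or too uniform to shuffle")

    order = list(range(n))
    rng.shuffle(order)                      # random order inside each group
    order.sort(key=lambda i: values[i])     # stable sort: equal values adjacent

    # Rotating the grouped order by the largest group size moves every row
    # past the end of its own group, so it receives a different value.
    masked = list(values)
    for k, row in enumerate(order):
        masked[row] = values[order[(k + most_common) % n]]
    return masked


# Constructed sample column (salaries), with one duplicated value.
SALARIES = [52000, 61000, 58000, 75000, 49000, 61000]

if __name__ == "__main__":
    masked = shuffle_column(SALARIES)
    print(masked)
    # Column totals are unchanged, which is why the real values are
    # "still present" after shuffling.
    print(sum(masked) == sum(SALARIES))
    # With two rows the only possible result is a swap.
    print(shuffle_column(["a", "b"]))
```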


Number and date variance: this technique varies the existing values within a specified range. Useful on date and numeric data. Ex: birth date values could be changed within a range of +/- 60 days.
Advantage: it prevents attempts to discover true records using known date data, and it prevents the exposure of sensitive numeric or date data. Provides a reasonable disguise for the data.
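A sketch of the +/- 60 day variance described above, as an added example that is not from the original slides. The offset is derived from a key and a row identifier so that masking is repeatable across refreshes and never leaves a value unchanged; the key, the row identifiers and the 10 percent range for amounts are assumptions.

```python
import hashlib
import hmac
from datetime import date, timedelta

# Assumption: the masking key is a secret stored outside the masked copy.
MASKING_KEY = b"constructed-demo-key"


def _offset(label: str, max_step: int, key: bytes) -> int:
    """Keyed, repeatable offset in [-max_step, -1] or [1, max_step]; never 0."""
    digest = hmac.new(key, label.encode(), hashlib.sha256).digest()
    n = int.from_bytes(digest[:8], "big") % (2 * max_step)
    return n - max_step if n < max_step else n - max_step + 1


def vary_date(value: date, row_id: str, max_days: int = 60,
              key: bytes = MASKING_KEY) -> date:
    """Shift a date by 1 to max_days days, forwards or backwards."""
    return value + timedelta(days=_offset(f"date:{row_id}", max_days, key))


def vary_amount(value: float, row_id: str, max_percent: int = 10,
                key: bytes = MASKING_KEY) -> float:
    """Scale a numeric value up or down by 1 to max_percent percent."""
    percent = _offset(f"amount:{row_id}", max_percent, key)
    return round(value * (100 + percent) / 100, 2)


if __name__ == "__main__":
    # Constructed sample record.
    birth_date, salary = date(1990, 5, 17), 52000.0
    print(vary_date(birth_date, "customer-1"))
    print(vary_amount(salary, "customer-1"))
    # Same row, same key: the masked value does not change between runs.
    print(vary_date(birth_date, "customer-1") == vary_date(birth_date, "customer-1"))
```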

Encryption: this technique algorithmically scrambles the data. It does not leave the data looking realistic and can sometimes make the data look larger. It also offers the option of leaving the data in place, visible only to those with the appropriate key and useless without the key. Comparatively the most secure method among all the others.
Never use a simplistic encryption scheme, for example one where the letter A is replaced by X and the letter B by M, because it is easy to decrypt based on letter frequency probabilities.

Increases protection against data theft
  Enforces need-to-know access
  Researchers in 2006 found that almost 80 to 90 per cent of Fortune 500 companies and government agencies have experienced data theft

Reduces restrictions on data use
  Provides realistic data for testing, development, training, outsourcing, data mining/research, etc.
  Enables off-site and cross-border software development and data sharing

Supports compliance with privacy legislation & policies
  Data masking demonstrates corporate due diligence regarding compliance with data privacy legislation

Improves client confidence
  Provides a heightened sense of security to clients, employees, and suppliers

Data Utility - masked data must look and act like the real data
  proper testing and development
  application edits
  data validations

Data Relationships - must be maintained after masking
  database level RI
  application level RI
  data synchronization (interrelated database RI)

Existing Business Processes - needs to fit in with existing processes
  fit in with existing IT and refresh processes
  automation of masking process

Ease of Use - must balance ease of use with need to intelligently mask data
  need to have usable data that does not release sensitive information
  knowledge of specialized IT/privacy topics and algorithms should be pre-configured and built into masking process

Customizable - must be able to be tailored to specific needs
  any solution/process must have the ability to be easily updated and customized
  must have ability for masking methods and the overall solution to be customized

The product requirements are:

Database Support
Application Support
Platform/System Support
Functional Requirements

Built on Open Standards
  Ensures a solution that is flexible and portable if IT requirements and strategies change
  Database and platform independence - provides broad database and platform support

Multi-Database Connectivity
  Required for integrated environments where several applications/databases interact

Support 3 Levels of Relational Integrity:
  Database Defined: Easily references and relies on meta-data and ensures that all indexes, triggers, etc. are maintained
  Application Defined: Simplifies the process of enforcing application-defined relationships, e.g. PeopleSoft
  Data Synchronization: Ability to synchronize masked values across databases within integrated environments

Security and Utility of Masked Data
  Are masking methods intelligent and robust?
  Is randomization of masking methods present, and does the solution appropriately mask data (sufficiency, computationally correct, fully functional, etc.)?

Ease of Use
  Simple to install, intuitive and easy to use
  No manual mapping from source to destination database(s), no manual mapping of relationships, etc.
  Included as part of an automated refresh process
