Hello Reena,
On 4/16/2014 2:57 AM, reena.kam...@jktech.com wrote:
Client never give production db with sensitive data to oursourced dev team. But
outsourced testing team need a clone of production db for testing. For that
client can give a copy of production db with masked sensitive data.
That's why data masking tool required.
-----Original Message-----
From: "Jigal van Hemert" <ji...@xs4all.nl>
Sent: Wednesday, 16 April, 2014 11:56am
To: mysql@lists.mysql.com
Subject: Re: Data masking for mysql
Hi,
On 15-4-2014 18:42, Peter Brawley wrote:
On 2014-04-15 5:37 AM, reena.kam...@jktech.com wrote:
It can be done by data masking tool itself. Its one time activity, I
do not need it again & again.
Rilly? If that's so, the data will never be accessed.
I'm starting to think that a concept has been made that includes a
database with the original data, a copy with the "masked" data and then
there just needs to be a tool that copies the data and modifies
("masks") some fields. Whatever solution we come up with (views, db copy
with an update query that modifies the data, ...) it will not be
accepted unless it fits the original concept.
Most likely the client came up with the concept and then this outsourced
development team doesn't dare to suggest that a different concept is
probably a better way to reach the goal. But, I may be wrong here :-)
The only tool you need is a well-formed query or set of queries and
perhaps a function or two (either one of the built-in functions or one
you construct yourself)
Instead of executing the direct query
"SELECT field1, sensitiveField, field3 FROM ..."
You run some manipulation on the `sensitiveField` field like this
"SELECT field1, CONCAT('xxxxxxxx',right(sensitiveField,4)), field3
FROM ... "
http://dev.mysql.com/doc/refman/5.6/en/string-functions.html
If you don't like that particular transformation, how about a hashing or
encryption function?
http://dev.mysql.com/doc/refman/5.6/en/encryption-functions.html
The choice of how to obscure their data is up to the provider of the
data. They choose which fields they want to hide and how they want to
hide them. Then, they write very simple queries to create the set of
data they want you to see. These queries can be used to build views or
can be used to send the data into a copy of the table or can be used to
output the data directly to file. These are simple choices.
There is no 'tool' to do this for you. It's a very basic set of queries
that any competent DBA should be able to provide. If neither your
programmers and DBAs nor their programmers and DBAs can write this type
query, you should all seriously question your abilities to be working
with data and look into improving your skills immediately.
Regards,
--
Shawn Green
MySQL Senior Principal Technical Support Engineer
Oracle USA, Inc. - Hardware and Software, Engineered to Work Together.
Office: Blountville, TN
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql
