Product - DDM（Dynamic Data Masking System）

DDM（Dynamic Data Masking System）

Product Overview Deployment mode Advantages Customer Benefits Classic case

Product Overview

Compliance requirements: Data Security 也拍Law, Personal Information Protect近門ion Law, Regulations on the Security 相行Protection of Critical Information Infr兵南astructure, Measures for Securi要男ty Assessment of Data Export, etc.

Business requirements: data security go吧亮vernance (protection requirements子相 for different levels of data)黃她.

Security requirements: A large amou劇說nt of sensitive data is stored in th讀學e production database, and these 商動real business data are used in a 嗎們large number of work scenarios, if da議微ta leakage or damage occurs, it will 報外not only cause economic losses, bu媽問t also cause a serious trust cr學外isis.

Palladiium Dynamic Data Masking System (DDM) is a 相喝dynamic data masking and maski海坐ng product with high performance and子有 scalability, with fully transparent a男又nd real-time sensitive data masking c有公apabilities, which can dynamical遠視ly shield, encrypt, hide and audi物錢t the data returned by the prod他習uction database differently to ensure西國 that personnel with different permis少年sions can access sensitive dat什費a in the production environment區謝 differently. On the applicatio說歌n side, the deployment mode of tran也友sparent series connection and t兒南hree-layer BYPASS technology ar家器e supported to prevent single poin放在ts of failure of links and ensure custo答服mer service continuity.

DDM is widely used in medical, governm刀門ent, finance, insurance, educati門我on and other industries, and meets rel舊近evant national regulations, policies a影跳nd industry requirements.

Deployment mode

Transparent bridge deployment mode:笑購 Support serial access network to e的月nsure that all access traffic flo場呢ws through DDM in series. With transp科林arent bridge technology, clients 他亮can directly access the IP addres音你s of the database service.

Transparent bridge deployment mode:裡鐵 Support serial access network to e鐘玩nsure that all access traffic fl睡能ows through DDM in series. With tra爸生nsparent bridge technology, clients ca志海n directly access the IP address of th劇他e database service. ...

Advantages

Database permissions governance

The permission control policy do刀區es not require installing any agent a間筆gent on the database server, and obtain秒站s the database table structure t化金hrough the database privileged a紙友ccount, so as to realize the "add空喝, delete, modify, and query" per空光mission management from the database a頻男ccount to the database table leve河民l.

Rich built-in masking algorithms

Built-in a variety of mainstream maskin雜關g algorithms, can mask sensitive f體水ields and generate real and fully fu店風nctional data, including but not 體視limited to: character masking, forensi森文c masking, keyword substitution,湖來 deletion masking, AES masking, SHA mas靜冷king, etc., and can use random亮長ly generated values according to v場人arious constraints to replace sens船人itive fields to achieve random masking.農書

Custom masking algorithm

DDM provides users with high fl信唱exibility in customizing algorit白湖hms, either by copying existing ma頻風sking algorithms for modification愛為 or by writing entirely new masking alg拍新orithms. Users can customize the金醫 masking algorithm according to the吃短ir own data characteristics, policy com們話pliance, application system an是村d other needs.

Application business data masking

For service access masking, DDM c去短an directly shield, encrypt, h花文ide, and audit sensitive data 水民in the production database accessed 土相by business systems through a t現行ransparent serial deployment m訊暗ode, without changing the middleware an通花d client configuration, and ensuring 風車business continuity.

Data masking behavior audit

DDM supports masking behavior au匠我diting, which can audit SQL sta就服tements (before masking), access明人 source information, SQL statement info訊我rmation, and affected objects, a笑有nd provide detailed statement details 業秒pages.

Real-time high-risk operation protect會會ion

DDM's built-in behavioral firewall f東事unction module can control the SQL stat吃現ement operation behavior of DBAs and科到 other O&M personnel, implement 年鐘permission policies based on natur月司al persons, databases, database tables,內吧 fields, high-risk SQL statements, a分相nd where condition queries, and reduce 錯海database operation security risks.

Accurate data access identifica多開tion

Relying on comprehensive and accurate技輛 SQL protocol parsing, DDM can accu說快rately identify sensitive data ac通讀cess behaviors of users through 鐵工O&M tools or application syst微近ems, and will not miss the accurate i訊機dentification and security control of 房妹sensitive objects in complex scenario和這s.

Customer Benefits

Data security protection: effectively protect the security of sen來些sitive data, effectively reduce the r上坐isk of data leakage by desensitiz校從ing data, and improve the confidentiali木雨ty and privacy of data;

Compliance compliance: Many industries 畫就and regions have corresponding data p視資rotection regulations and compliance r舊玩equirements, and the use of DDM can ens快南ure that enterprises comply wi服關th relevant regulations and regulations城拿 and avoid possible penalties;

Ensure business continuity: Based on transparent series connection商技 and three-layer BYPASS technology, 門刀it can accurately desensitize core da鐘章ta and ensure business continuity;

Cost reduction: Using DDM can reduce the cost of dat樂睡a replication and management. Since th放醫e masked data can be used in t畫店he production environment, it is雨家 no longer necessary to replicate an了土d manage the data in the producti相輛on environment, avoiding data re白人dundancy and additional storage costs.村空

Classic case