Database permissions governance
The permission control policy do刀區es not require installing any agent a間筆gent on the database server, and obtain秒站s the database table structure t化金hrough the database privileged a紙友ccount, so as to realize the "add空喝, delete, modify, and query" per空光mission management from the database a頻男ccount to the database table leve河民l.
Rich built-in masking algorithms
Built-in a variety of mainstream maskin雜關g algorithms, can mask sensitive f體水ields and generate real and fully fu店風nctional data, including but not 體視limited to: character masking, forensi森文c masking, keyword substitution,湖來 deletion masking, AES masking, SHA mas靜冷king, etc., and can use random亮長ly generated values according to v場人arious constraints to replace sens船人itive fields to achieve random masking.農書
Custom masking algorithm
DDM provides users with high fl信唱exibility in customizing algorit白湖hms, either by copying existing ma頻風sking algorithms for modification愛為 or by writing entirely new masking alg拍新orithms. Users can customize the金醫 masking algorithm according to the吃短ir own data characteristics, policy com們話pliance, application system an是村d other needs.
Application business data masking
For service access masking, DDM c去短an directly shield, encrypt, h花文ide, and audit sensitive data 水民in the production database accessed 土相by business systems through a t現行ransparent serial deployment m訊暗ode, without changing the middleware an通花d client configuration, and ensuring 風車business continuity.
Data masking behavior audit
DDM supports masking behavior au匠我diting, which can audit SQL sta就服tements (before masking), access明人 source information, SQL statement info訊我rmation, and affected objects, a笑有nd provide detailed statement details 業秒pages.
Real-time high-risk operation protect會會ion
DDM's built-in behavioral firewall f東事unction module can control the SQL stat吃現ement operation behavior of DBAs and科到 other O&M personnel, implement 年鐘permission policies based on natur月司al persons, databases, database tables,內吧 fields, high-risk SQL statements, a分相nd where condition queries, and reduce 錯海database operation security risks.
Accurate data access identifica多開tion
Relying on comprehensive and accurate技輛 SQL protocol parsing, DDM can accu說快rately identify sensitive data ac通讀cess behaviors of users through 鐵工O&M tools or application syst微近ems, and will not miss the accurate i訊機dentification and security control of 房妹sensitive objects in complex scenario和這s.