Design And Implementation Of Static Data Masking System

Since the third industrial revolution,Internet technology has developed rapidly with an astonishing trend,and information technology is becoming more and more developed.Many organizations or individuals keep a large amount of various data information of individual citizens.How to ensure that these data are not leaked,and to prevent personal privacy data from falling into the wrong hands has become an important research issue in the field of data security.The existing methods of protecting personal privacy and sensitive data are likely to cause the actual meaning of the original data to be lost.The data types supported for processing are single,the desensitization results are irreversible,and the processing of large amounts of data takes a long time.Therefore,this thesis designs and implements a new static data masking system.The realization of this system is mainly divided into four steps.The first step is the configuration of basic work environment information and the connection of the corresponding source database and target database to determine the data masking mode;the second step is to read the personal privacy sensitive data to be processed in the database and identify the personal privacy sensitivity The type of data,sort out the recognition results,and calculate the proportion of the corresponding type of personal privacy sensitive data in the total data volume;the third step is to desensitize the personal sensitive privacy data according to the known configuration information,and then the results Write to the target database;the fourth step is to compare the sensitive data before and after masking to facilitate the user to verify the validity of the masking results.Therefore,this thesis mainly performs the following work:(1)Write a personal privacy sensitive data type scanner.The function of the personal privacy sensitive data type scanner is mainly to read data from the source database and write it into an intermediate file,and then adjust the priority of individual sensitive type recognition according to the encoding characteristics of each type of personal privacy sensitive data and the application Strategies to achieve accurate identification of various types of personal privacy sensitive data types.(2)Analyze the encoding rules of more than 30 types of sensitive data supported by the system,and write corresponding random masking,forward masking,reverse masking,and shadow masking according to the encoding characteristics of each type of sensitive data masking algorithm in four desensitization modes.The innovation of the system in this thesis is that when identifying unknown sensitive data,the accuracy reaches 96%,reducing manual combing operation,and it has the characteristics of multiple types of personal privacy sensitive data.The addition and deletion of sensitive data types that support processing can be implemented according to the specific scenario requirements of the user application,and the masking results in random masking,forward masking,and reverse masking modes maintain the original practical significance of the data.The combination of reverse masking achieves the reversibility of the masking results.Compared with the existing static data masking system,it has the advantage of short time in processing T-level data volume.