Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account


Data desensitization-- what is data desensitization

2024-05-23 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >


Shulou( Report--

Data desensitization (Data Masking), also known as data bleaching, data de-privacy or data deformation.

Baidu encyclopedia defines data desensitization as: it refers to the deformation of some sensitive information through desensitization rules to achieve the reliable protection of sensitive private data. In the case of customer security data or some commercially sensitive data, transform the real data and provide testing use without violating the system rules. For example, personal information such as × × number, mobile phone number, card number, customer number and so on need to be desensitized.

There are many examples of data desensitization in daily life, such as our most common train tickets and e-commerce consignee addresses that deal with sensitive information, even Beauty, which is familiar to lesbians, and mosaics in some videos.

Second, why data desensitization?

As mentioned above, the transformation of the data "involves customer security data or some commercially sensitive data", indicating that the data we want to transform is related to the security of user or enterprise data. Data desensitization is actually encrypting these data to prevent disclosure.

For the degree of desensitization, generally speaking, as long as the original information can not be inferred, it will not cause information leakage. If you modify too much, it will easily lead to the loss of the original characteristics of the data. Therefore, in the actual operation, we need to select the appropriate desensitization rules according to the actual scene. Change several customer-related fields, such as name, × × number, address, mobile phone number, phone number, etc.

Third, how to realize data desensitization

According to the desensitization rules, it can be divided into recoverable desensitization and irrecoverable desensitization. Recoverable desensitization means that after the data is transformed by desensitization rules, the original data can be restored again after some processing. On the contrary, after irrecoverable desensitization, the data can not be restored to its original appearance. They can be regarded as reversible encryption and irreversible encryption respectively.

The scenario we currently encounter is log desensitization, that is, desensitization of the password, even name, × × number and other information in the log.

Before desensitization:

After desensitization:

As shown in the figure above, a careful analysis shows that there are two steps to obtain desensitized data before logging: [get the data to be entered (user entity)] → [serialize], so you can consider implementing desensitization on these two steps. The first method is to process the desensitized field before serializing the entity, and then serialize normally; the second method is to process the desensitized field when the entity is serialized.

Later, we will share the specific methods to achieve data desensitization.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Network Security


© 2024 SLNews company. All rights reserved.