The present invention relates to masking database operations so that sensitive parts of an information set are hidden while other parts of the information set are disclosed. In particular, the present invention relates to masking database operations in a database management system (DBMS) such that a minimum amount of information is shared.
One of the most valuable assets of an organization is the production data that it accumulates as a result of its computer operations. Organizations need to share this production data with various constituents for a variety of business purposes, while also protecting sensitive or personally identifiable aspects of the information. At the same time, various parties also have a legitimate need to gain access to this production data. For example, most organizations need to copy production data into test and development environments to allow application developers to test specific components that have failed in production.
Production data is often one of the best sources of data for meaningful tests because it contains actual special cases and quantity structures that programs have to be able to support. In addition, production data poses the unique ability to be able to reproduce a specific real-world problem or scenario that has occurred in a production environment.
Contemporary techniques for sharing and protecting sensitive data include techniques for masking data based on the nature of masking policies, such as that described in U.S. Patent Publication No. 20090100527 “Real-time Enterprise Data Masking.”
Another contemporary technique for sharing information containing sensitive data is by to provide random test data based on masking algorithms in place of the sensitive data. This random test data is generated based on rules such as the type, length and range of data and may be used to test software components for various test case scenarios.