1. Field of the Invention
The present invention relates to devices and processes that protect the proprietary nature of certain data of a party while being used by a third party.
2. Discussion of Related Art
It is a well known practice in today's business climate to have a business hire an outside development firm to develop hardware and software applications to be sold to the business and designed to process data of the business to reduce labor costs and get more value out of their IT (Information Technology) budgets. However, before the hardware and software application are released to the business for every day use, it is necessary to test the hardware and software. In the past, businesses have provided the development firm with copies of real production data to develop and test the hardware and software. Naturally, this allows the development firm to view information that is proprietary to the business. This leaves the business vulnerable to theft or improper use of the proprietary information by the development firm, an employee of the development firm or a third party who obtains the information directly or indirectly from the development firm,
One solution to the above problem is to use a testbed that contains fictional data during the testing of the hardware and the software application by the development firm or an outside testing firm. However, this requires that the testbed be constantly maintained by a team and updated every time the hardware and software application is retested or updated (for example, data model changes). Also, this same process would need to be applied to all other hardware and software applications that undergo retesting and updating by the development firm or an outside testing firm. Accordingly, there is a great deal of redundant work that needs to be done and the benefit of developing hardware and software applications by development firms can be easily offset by the overhead of maintaining these testbeds with fictional data.
Another possible solution to the problem is to develop a custom process to mask each business application's sensitive data. This would involve developing and maintaining separate processes for each of the applications that contain sensitive data. This approach is not feasible in business environments where there is integration between applications. As a result, testing groups within a business that need to test the integration of customer data between multiple systems, but the data is masked differently in each system, will not be able to perform an adequate level of end-to-end testing of business processes.
Another possible solution to the problem is to purchase, customize, and maintain a third party packaged tool that performs data masking. Examples of third party tools that performs data masking are: Relational Tools made by Princeton Softech of Princeton, N.J., TestBase made by Macro 4/SoftBase of Asheville, N.C. and File-Aid made by CompuWare of Detroit, Mich. However, these tools either work only for certain database vendors (such as IBM, DB2, IMS or Oracle), database types (such as QSAM or VSAM) or server platforms (such as a mainframe). The masking process that these tools use vary, but overall limit the ability to perform effective data masking. The above-mentioned tools must be installed on the same platform as the datastore of the business application. Since most of these tools were originally developed for use on mainframe applications, they are either limited to supporting mainframe-based business applications or they have been adapted for use on limited types of other platforms, but not providing a complete set of data masking functionality. Such is the case with the previously mentioned File-Aid tools made by CompuWare. Its version that supports the Oracle relational database does not have the full set of functionality that the original mainframe-based version has.
Another disadvantage of third party tools, such as Princeton Softech's Relational Tools, is that they require human intervention to create and store new relationships between original data and masked data and so can increase overhead costs.
One masking process that is offered is to scramble a value. This means that within a field, the position bytes of the characters or numeric values can be rearranged (e.g. 123456→153426 or ABCDE→ABEDC). The drawback is that the characters of the original value are still present and can be unscrambled with relative ease by an individual.
A second masking process used by third party tools is to replace the original value with a randomly generated value. The drawback to this is that each time the same original value is masked, the resulting masked value will be different, preventing testing groups from having consistently masked data to test.
A third masking process used by third party tools is to translate the original value with a predefined value from a reference table called the Two Column Translate Table. This table needs to be predefined. Some tools provide this masking process, but not for all platforms, database types, or vendors.