Scribd
Upload
6 views2 pages

AP21110011107 CDM Assignment-7

Uploaded by

Devu Narayana
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
6 views2 pages

AP21110011107 CDM Assignment-7

Uploaded by

Devu Narayana
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

Srihitha Kalyanapu

AP21110011126

1. Transparent Database Encryption (TDE)

• Definition: TDE is a method that encrypts the entire database, including data files, backups,
and logs, at rest without altering how applications access the database.

• How It Works: It encrypts the data at the storage level using encryption keys. When data is
read from the disk, it is automatically decrypted for the user. Similarly, any data written back
to the disk is encrypted.

Purpose: It protects against unauthorized access to data at rest, ensuring that even if
physical access to database files is obtained, the data remains secure.

2. Dynamic Data Masking (DDM)

• Definition: Dynamic Data Masking obscures sensitive data in real-time by masking it when
queried by non-privileged users.

• How It Works: It provides a way to create a mask for specific fields, such as credit card
numbers, social security numbers, etc. When data is retrieved by a user without the required
permissions, the data appears in a masked form (e.g., replacing digits with 'X' or '*').

Purpose: This helps protect sensitive data from being exposed to unauthorized users while
allowing applications to access data as needed.

3. Create a Dynamic Data Mask Example

Here’s an example using SQL Server to create a masked column:

1. Create a Table:

CREATE TABLE Employees (

EmployeeID INT PRIMARY KEY,

FullName NVARCHAR(100),

SSN NVARCHAR(11) MASKED WITH (FUNCTION = 'partial(0,"XXX-XX-",4)') NULL,

Email NVARCHAR(100) MASKED WITH (FUNCTION = 'email()') NULL

);
2. Insert Data:

INSERT INTO Employees (EmployeeID, FullName, SSN, Email)

VALUES

(1, 'Will Smith', '123-45-6789', '[email protected]'),

(2, 'Kane Williams', '987-65-4321', '[email protected]');

3. Query the Table:

• For users with permission, it would display:

SELECT * FROM Employees;

EmployeeID FullName SSN Email


1 Will Smith 123-45-6789 [email protected]
2. Kane Williams 987-65-4321 [email protected]

For users without permission, it would display masked data:

EmployeeID FullName SSN Email


1. Will Smith XXX-XX-6789 [email protected]
2. Kane Willaims XXX-XX-4321 [email protected]

You might also like