Changtai Data dynamic desensitization system (referred to as CT-DBM), by intercepting and modifying the database communication content, the sensitive data in the database for online shielding, deformation, character replacement, random replacement and other processing, to achieve the user access to the real content of sensitive data permission control。For sensitive data stored in the database, through the desensitization system, users with different permissions will get different results。The system supports the off-line agent and in-line agent deployment modes, providing excellent performance, flexible configuration, simple use, and stable operation。It can help customers reduce the risk of sensitive data breaches in production repositories, reduce data leaks during development, testing, and data delivery, and easily meet compliance requirements for private data management。
Product function
Real-time dynamic desensitization
For the production data that needs to be shared or the data testing and training scenarios that require high timeliness, it provides the dynamic desensitization technology based on the gateway proxy mode to achieve the effect of real-time fuzzy sensitive data。Dynamic desensitization enables transparent and real-time desensitization of sensitive data in the business system database。
Dynamic desensitization can be controlled based on multiple identity characteristics such as database user name, IP address, client tool type, and access time。
Dynamic desensitization can be used to release, mask, hide and control the returned data in the production database。
Desensitization log audit
The system saves the generated logs to the desensitized system. Users can query and collect statistics on the logs of operation and maintenance personnel to audit the database。Audit fields include occurrence time, connection rule, database, security rule, Action, SQL, client user name, client host, client program, and login account。