Olov is a developer with experience from many fields, where information security is a personal favorite. He leverages his breadth and know-how to develop dynamic access control solutions. Before Olov joined Axiomatics he was working at Ericsson with Multimedia Access and Authorization.

Dynamic data masking using a function call

In a previous blog post Andrew Hindle discussed the difference between Data Access Filtering and Dynamic Data Masking. This blog post investigates the advantages of combining these two approaches. As of version 1.2, the Axiomatics Data Access Filter for Multiple Databases (ADAF MD) introduces masking capabilities. At the core, Data Access Filtering is an application of Attribute Based Access Control (ABAC) based on the expressiveness of the XACML language. The dynamic data masking capabilities in ADAF MD make use of the same XACML-powered authorization engine, which means data masking in this context can be made subject to complex business rules expressed in the XACML language. The expressiveness of this policy language enables the implementation complex business rules that are far more advanced than the relatively simple rules that data masking solutions typically are based on so far.

This post explains how to perform a custom data masking on a column using ADAF MD.

Continue reading
4202 Hits