As a huawei cloud information giant, Reading Knowledge Cloud is good at presenting complex information in a diversified way. There is always a picture (cloud map), profound and simple blog (cloud class) or short video (cloud vision hall) that can make you quickly start huawei cloud. Click here for more highlights.
Abstract: Huawei Cloud Data Security Center (DSC) provides Data desensitization function, supporting static desensitization and dynamic desensitization in two forms, covering a variety of scenarios, to help you achieve full stack sensitive Data protection.
Share this article from huawei cloud community “cloud small classes | safety class 8 DSC: quickly identify sensitive data and desensitization”, the original author: reading knowledge.
Sensitive data refers to data that may cause serious harm to society or individuals after leakage.
For individuals, private information such as id card numbers, home addresses, work units and bank card numbers are all sensitive data. For enterprises or organizations, core information such as customer data, financial information, technical data, and important decisions are all sensitive data.
Data desensitization: it refers to the modification of sensitive data to hide sensitive information so as to protect sensitive private data. For example, a product needs to use sensitive data for analysis, such as ID card and bank card number, but at the same time needs to protect sensitive data from being illegally viewed or used by others, sensitive data can be covered, deformation and other desensitization processing.
So, how to put on “protective clothing” for sensitive data, effectively protect sensitive data?
DSC helps you easily achieve data desensitization, to ensure that sensitive information is not leaked.
Follow the steps of the small class, two steps to teach you through Huawei cloud DSC sensitive data recognition and desensitization ~~
** WARM tip: **DSC provides dynamic desensitization API interface for your use, please refer to the data dynamic desensitization.
DSC preset 100+ sensitive data recognition and desensitization rules, For sensitive personal information (id card, bank card, name, phone number, email address, etc.), business sensitive information (license number, tax registration certificate number, etc.), key sensitive information (PEM certificate and private key, etc.) HEY, equipment sensitive information (IP address, MAC address, IPV6 address, etc.), position sensitive information (province, city, GPS location, Address, etc.) and general sensitive information (date) and other sensitive information for identification and desensitization. Please refer to desensitization algorithm for specific desensitization algorithm and application scenarios.
Example:
Assume that the “DSC_yunxiaoke” table in the database “RSD-DSC-TEST” stores the following information table of bank employees:
Sensitive data needs to be identified and desensitized for the table. You can select the preset identification rule group of “Banking and Financial Field Template” to identify sensitive data and generate a data report of the identification result. Then, the identified sensitive data is desensitized using SHA256 algorithm in “Hash desensitization”.
Step 1: Identify sensitive data
Procedure Step 1 After purchasing the data security center service, access the DSC management console.
Step 2 In the navigation tree, choose Sensitive Data Identification > Task Identification. The Task Identification page is displayed.
Step 3 Click Add Task. In the Add Task dialog box that is displayed, configure the basic information about the task.
Step 4 Click OK to return to the sensitive data task list.
Step 5 After the task status changes to Identification completed, click Identification Result in the operation column of the task to view the data identification result.
As you can see from the figure above, the Birthday and Email columns are identified as sensitive data risks.
Step 6 Click the risk field to view risk details.
Desensitize Birthday and Email columns of table “dsc_yunxiaoke” in database “RDS-DSC-DSC-test” by referring to “Step 2: Data desensitization”.
End –
Step 2: Data desensitization
DSC supports creating database desensitization task and ES desensitization task. The desensitization method is similar. This section takes creating static database desensitization task as an example to demonstrate.
Procedure Step 1 In the navigation tree on the left, choose Data Desensitization. The Data desensitization > Database desensitization page is displayed.
Step 2 Set Database desensitization toTo enable database desensitization.
Step 3 Click Create Task to configure data Source.
If you want to generate a complete table after desensitization, check all data types here.
Step 4 Click Next and set Desensitization Algorithm.
Step 5 Click Next. The Desensitization Period page is displayed. Set the desensitization period.
Step 6 Click Next, perform Data Target Configuration, and configure the location for storing the table generated after desensitization.
Step 7 Click Finish to return to the database desensitization task list. Click to enable the desensitization task. In the Operation column of the task, click Run Now to execute the desensitization task.
When Status is Completed, desensitization is successful.
End –
Effect verification:
More about the function of DSC, click here to learn about it ~~
Click to follow, the first time to learn about Huawei cloud fresh technology ~