tursodatabase/libsql

Dynamic data masking

Open

#90 geöffnet am 15. Dez. 2022

Auf GitHub ansehen
 (1 Kommentar) (2 Reaktionen) (0 zugewiesene Personen)C (490 Forks)batch import
enhancementhelp wanted

Repository-Metriken

Stars
 (16.744 Stars)
PR-Merge-Metriken
 (Durchschn. Merge 23h 19m) (1 gemergte PR in 30 T)

Beschreibung

SQL Server, for example, has a neat feature, which is useful for data protection:

https://learn.microsoft.com/en-us/sql/relational-databases/security/dynamic-data-masking?view=sql-server-ver16

What you can do is attach a "masking policy" to a column in a table. For example, email addresses (that are personal information) could be masked by having a MASKED WITH augmentation on a SQL table:

CREATE TABLE users(
    email TEXT MASKED WITH (FUNCTION = 'email()') NOT NULL,
);

Queries to the table would mask out the email address with an anonymized "anon@example.com" version, for example. However, users could still see their own email addresses with another SQL extension that SQL Server has:

EXECUTE AS USER = 'penberg';  

Dynamic data masking is particularly useful in scenarios where database is replicated and you want the extra layer of protection while still serving queries. Please note that there's bound to be some overlap with LumoSQL security features here.

Contributor Guide