Database tables masking using the SQL CLR technology

Abstract

The article is devoted to the trending problem of the information protection in databases. The authors considering the data protection using masking method. The point of the data masking is in irreversible replacing confidential information in the database (e.g., data that identifying specific individuals) with unclassified data to prevent access by unauthorized users. As usual, the confidential data being replaced with values that seems like real, so they can be used in test systems with guarantee that the original data can not be retrieved, recovered or restored. Masking enables database owners to determine how much sensitive data to be displayed, with minimal impact on an application workflow - data must remain functionally suitable for application processing (mainly in testing and learning tasks, etc.). In this article, the authors propose a method of masking the personal data in the database (DB). This method is implemented as a CLR-build for DBMS MS SQL Server.