Avatar of sunhux
sunhux

asked on 

one-way data "masking" MD5 sql

Refer to attached sql script which my DBA colleague plan to use to
"mask" sensitive data in the DB (I presume it's Oracle).

Q1:
Is this a 1-way hashing or the 'masked' data can be 'unhashed' back?

Q2:
Is this MD5 the industry practice or there are more secure ways of 'masking' it

Q3:
How do people verify the 'hashed' data?   Do we do 'norows export' & randomly
check the exported tables or is there a way to export out table by table of the
hashed tables?

Q4:
What are the things to look out for in the logs to verify this 'masking' process
completed successfully or how can I amend this script further so that it will
log down its activities for verification?

Q5:
How does the script ensure that the keys that link the various tables are 'hashed'
together so that it does not break the entity relationship & the 'masked' database
can still be used by the vendor we're sending this database to?

Q6:
How do people normally send such a 'masked' Oracle DB out : by encrypted tapes
or USB HDD or slowly via sftp over Internet?
EncryptionDatabasesOracle DatabaseSecurity

Avatar of undefined
Last Comment
skullnobrains

8/22/2022 - Mon