18 DynamicDataMasking

Uploaded by

inba raj

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

11 views10 pages

18 DynamicDataMasking

Uploaded by

inba raj

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 10

Dynamic Data Masking

by
Janardhan Bandi
Agenda
• Column level security
• Masking policies
• Dynamic data masking
• Creating masking policies
• Applying masking policies
• Altering or Dropping policies
Column Level Security
• Column-level Security in Snowflake allows the application of a masking policy to a column
within a table or view.
• To protect sensitive data like customers PHI, bank balance info etc.
• Column-level Security includes two features:
• Dynamic Data Masking
• External Tokenization

• Dynamic Data Masking is a is the process of hiding data by masking with other
characters. We can create masking policies to hide the data present in columns.
• Tokenization is the process of hiding sensitive data by replacing it with cypher text.
External Tokenization makes use of masking policies with external functions created at
external cloud provider side.
Masking Policies
• Snowflake supports masking policies to protect sensitive data from unauthorized access while
allowing authorized users to access at query runtime.
• Masking policies are schema level objects.
• Masking policies can include conditions and functions to transform the data when those conditions
are met.
• Same masking policy can be applied on multiple columns.
Dynamic data masking
• Sensitive data in Snowflake is not modified in an existing table. But when users execute a query it
will apply the masking dynamically and displays the masked data, hence called dynamic data
masking.
• The data can be masked, partially masked, obfuscated(unclear), or tokenized data.
• Unauthorized users can operate the data as usual but they can't view the data.
• Mostly masking policies applied based on the Roles.
Creating Masking Policies
• Masking policies can be created with CREATE MASKING POLICY command as shown below.

// Based on the role

create masking policy employee_ssn_mask as (val string) returns string ->
case when current_role() in ('PAYROLL') then val else '******’ end;

// Based on some condition

create masking policy email_visibility as
(email varchar, visibility string) returns varchar ->
case
when current_role() = 'ADMIN' then email
when visibility = 'Public' then email
else '***MASKED***'
end;
Applying Masking Policies
• After creating masking policies, we can apply them wherever we have a requirement to
protect the data or hide that data.
• This policy should be applied at column level.
• We can apply same policy on multiple columns from multiple tables and views.

// Setting or applying Masking Policy

ALTER TABLE public.employee MODIFY COLUMN ssn
SET MASKING POLICY employee_ssn_mask;

ALTER TABLE public.employee

MODIFY COLUMN ssn SET MASKING POLICY employee_ssn_mask,
MODIFY COLUMN email SET MASKING POLICY email_visibility USING(email, visibility);
Removing Masking Policies
// Unsetting or removing Masking Policy

ALTER TABLE public.employee

MODIFY COLUMN ssn UNSET MASKING POLICY;

ALTER TABLE public.employee

MODIFY COLUMN ssn UNSET MASKING POLICY,
MODIFY COLUMN email UNSET MASKING POLICY;
Altering and Dropping Policies
// Altering or modifying
ALTER MASKING POLICY policy_name SET BODY -> <Case Statement>;

ALTER MASKING POLICY policy_name RENAME TO new_policy_name;

// Dropping
DROP MASKING POLICY policy_name;

Limitations:
1. Before dropping masking policies, we should unset them.
2. Data type of input and output values must be same.
Thank You

Snowflake Interview 2024 03
100% (1)
Snowflake Interview 2024 03
167 pages
Data Masking Using Enterprise Manager - Managing Sensitive Information in Non-Production Environments
No ratings yet
Data Masking Using Enterprise Manager - Managing Sensitive Information in Non-Production Environments
28 pages
Snowflake Data Governance Guide
No ratings yet
Snowflake Data Governance Guide
35 pages
Data Masking: Techniques & Implementation
No ratings yet
Data Masking: Techniques & Implementation
57 pages
Masking Sensitive Data in Oracle Database: Maja Veselica, Consultant
No ratings yet
Masking Sensitive Data in Oracle Database: Maja Veselica, Consultant
62 pages
C1 Editable End-Of-Year Test
No ratings yet
C1 Editable End-Of-Year Test
9 pages
Snowflake Row-Level Security Using Row Access Policies - by Debi Prasad Mishra - Snowflake - Jan, 2023 - Medium
No ratings yet
Snowflake Row-Level Security Using Row Access Policies - by Debi Prasad Mishra - Snowflake - Jan, 2023 - Medium
5 pages
Understanding Robotic Process Automation White Paper Hackett Group Canon Business Process Services
No ratings yet
Understanding Robotic Process Automation White Paper Hackett Group Canon Business Process Services
7 pages
PSC 1000
67% (3)
PSC 1000
2 pages
3d Printer PDF
No ratings yet
3d Printer PDF
90 pages
HXGN MineOperate OP Pro For Customer V1
No ratings yet
HXGN MineOperate OP Pro For Customer V1
25 pages
Clinical Data Management
No ratings yet
Clinical Data Management
5 pages
How To Download A Scientific Paper: To My Dear Advisor: Simonina Ol 'Ga Aleksandrovna
No ratings yet
How To Download A Scientific Paper: To My Dear Advisor: Simonina Ol 'Ga Aleksandrovna
19 pages
Developing Extensible Data Security Policies AX2012
No ratings yet
Developing Extensible Data Security Policies AX2012
14 pages
Data Redaction (DBMS - REDACT) in Oracle Database 12c Release 1 (12.1)
No ratings yet
Data Redaction (DBMS - REDACT) in Oracle Database 12c Release 1 (12.1)
13 pages
Pakdd 2018 Workshops Bdasc BDM Ml4cyber Paisi Damemo Melbourne Vic Australia June 3 2018 Revised Selected Papers Mohadeseh Ganji
No ratings yet
Pakdd 2018 Workshops Bdasc BDM Ml4cyber Paisi Damemo Melbourne Vic Australia June 3 2018 Revised Selected Papers Mohadeseh Ganji
141 pages
Data Masking - Snowflake
No ratings yet
Data Masking - Snowflake
3 pages
Azure SQL Database Security v5
No ratings yet
Azure SQL Database Security v5
29 pages
The Magic Cafe Forums - Psychological Subtleties
No ratings yet
The Magic Cafe Forums - Psychological Subtleties
5 pages
Railway Database Design Guide
50% (2)
Railway Database Design Guide
16 pages
Snowflake Quiz: Roles, Queries, and Features
No ratings yet
Snowflake Quiz: Roles, Queries, and Features
475 pages
Zend Framework
No ratings yet
Zend Framework
229 pages
Brochures FX Y
No ratings yet
Brochures FX Y
20 pages
Prolink ShareHub Device Server
No ratings yet
Prolink ShareHub Device Server
33 pages
5 Ethical Hacking
No ratings yet
5 Ethical Hacking
37 pages
ZWindows 10 Keyboard Shortcut
No ratings yet
ZWindows 10 Keyboard Shortcut
25 pages
How To Execute Field Extension of ACDOCU - 1909 - V6
No ratings yet
How To Execute Field Extension of ACDOCU - 1909 - V6
21 pages
DataMasking Using DataStage
No ratings yet
DataMasking Using DataStage
60 pages
Virtual I/O Architecture and Performance: Li Ming Jun
No ratings yet
Virtual I/O Architecture and Performance: Li Ming Jun
41 pages
Understanding and Selecting Data Masking Solutions: Creating Secure and Useful Data
100% (1)
Understanding and Selecting Data Masking Solutions: Creating Secure and Useful Data
33 pages
Dynamic Data Masking
No ratings yet
Dynamic Data Masking
18 pages
FDMS - Adobe Photoshop - Course Outline
No ratings yet
FDMS - Adobe Photoshop - Course Outline
6 pages
English Wikipedia
No ratings yet
English Wikipedia
4 pages
Part 6 Chapter 5
No ratings yet
Part 6 Chapter 5
64 pages
Supply Chain Flowchart
No ratings yet
Supply Chain Flowchart
8 pages
Oracle Data Masking and Subsetting
No ratings yet
Oracle Data Masking and Subsetting
3 pages
SQL Server Row Level Security by Example
100% (1)
SQL Server Row Level Security by Example
6 pages
Sts Reviewer
No ratings yet
Sts Reviewer
14 pages
Assignment MET1233
No ratings yet
Assignment MET1233
12 pages
Data Masking for Oracle DBAs
No ratings yet
Data Masking for Oracle DBAs
53 pages
VMware Setup for Pexip Infinity
No ratings yet
VMware Setup for Pexip Infinity
23 pages
Lempel-Ziv-Welch (LZW) - Is A Universal Lossless Data Compression Algorithm Created by Abraham
No ratings yet
Lempel-Ziv-Welch (LZW) - Is A Universal Lossless Data Compression Algorithm Created by Abraham
5 pages
Dynamic Data Masking Into
No ratings yet
Dynamic Data Masking Into
7 pages
Xii - Computer Science
No ratings yet
Xii - Computer Science
8 pages
SQL Server Clustering
No ratings yet
SQL Server Clustering
2 pages
Image Captioning - 20250417 - 182046 - 0000
No ratings yet
Image Captioning - 20250417 - 182046 - 0000
3 pages
Model CV1
No ratings yet
Model CV1
2 pages
MC AWS Dynamic DataMasking
No ratings yet
MC AWS Dynamic DataMasking
9 pages
Dynamic Vs Static Timing Analysis
No ratings yet
Dynamic Vs Static Timing Analysis
4 pages
AP21110011107 CDM Assignment-7
No ratings yet
AP21110011107 CDM Assignment-7
2 pages
BCA DBMS Exam June 2023
No ratings yet
BCA DBMS Exam June 2023
2 pages
Azure - Practice Assignment 01
No ratings yet
Azure - Practice Assignment 01
97 pages
IBM® Optim™ Data Privacy Solution: Protect The Privacy of Confidential Information in Non-Production Environments
No ratings yet
IBM® Optim™ Data Privacy Solution: Protect The Privacy of Confidential Information in Non-Production Environments
4 pages
ERP Security Issues
No ratings yet
ERP Security Issues
3 pages
Understanding and Selecting Data Masking Solutions: Creating Secure and Useful Data
No ratings yet
Understanding and Selecting Data Masking Solutions: Creating Secure and Useful Data
33 pages
Gui Masking
No ratings yet
Gui Masking
32 pages
Comprehensive Guide to Data Security
No ratings yet
Comprehensive Guide to Data Security
44 pages
Row and Column Access Control (Column Masking)
No ratings yet
Row and Column Access Control (Column Masking)
6 pages
Chapter 2
No ratings yet
Chapter 2
41 pages
Snowflake Data Governance Tips 2024
No ratings yet
Snowflake Data Governance Tips 2024
13 pages
IT Data Security
No ratings yet
IT Data Security
26 pages
Data Masking for IT Professionals
No ratings yet
Data Masking for IT Professionals
26 pages
UI Data Security (UI Masking and UI Logging) - External Presentation L1
No ratings yet
UI Data Security (UI Masking and UI Logging) - External Presentation L1
48 pages
For Company Acme. The Conditions Can Also Be More Complex Such As Olive Can View Company Acme Data But Only Between 2017-2018 - A User Can Have Multiple Analytic
No ratings yet
For Company Acme. The Conditions Can Also Be More Complex Such As Olive Can View Company Acme Data But Only Between 2017-2018 - A User Can Have Multiple Analytic
1 page
DDM Introduction Part1
No ratings yet
DDM Introduction Part1
19 pages
White Paper Data Masking 101 Final2022
No ratings yet
White Paper Data Masking 101 Final2022
14 pages
MaskingPolicy Naga2
No ratings yet
MaskingPolicy Naga2
2 pages
Governance & Risk Management Guide
No ratings yet
Governance & Risk Management Guide
72 pages
What Is Data Masking?
No ratings yet
What Is Data Masking?
25 pages
PostgreSQL Data Masking Guide
No ratings yet
PostgreSQL Data Masking Guide
45 pages
ASUG84339 - How To Secure Privacy Data in A Hybrid S4HANA Landscape
No ratings yet
ASUG84339 - How To Secure Privacy Data in A Hybrid S4HANA Landscape
26 pages
Security en Ha Cements
No ratings yet
Security en Ha Cements
21 pages
Week07DatabaseSecurity 170579
No ratings yet
Week07DatabaseSecurity 170579
31 pages
Masking Techniques
No ratings yet
Masking Techniques
3 pages
It Data Security
No ratings yet
It Data Security
7 pages
Oracle Data Masking Guide for Admins
No ratings yet
Oracle Data Masking Guide for Admins
30 pages
Security Policies for IT Compliance
No ratings yet
Security Policies for IT Compliance
5 pages
Dynamic Data Masking
No ratings yet
Dynamic Data Masking
2 pages
CoSc4171 CS Lecture 5 Database Security
No ratings yet
CoSc4171 CS Lecture 5 Database Security
23 pages
Data Masking Concept in Power Center
100% (1)
Data Masking Concept in Power Center
15 pages
Data Masking
No ratings yet
Data Masking
2 pages
Row and Column Access Control (RCAC)
No ratings yet
Row and Column Access Control (RCAC)
2 pages
Research Paper - 22mCI10086
No ratings yet
Research Paper - 22mCI10086
6 pages
D1 - 2 - Column and Row Level Securitys
No ratings yet
D1 - 2 - Column and Row Level Securitys
3 pages
Database Security Assignment
No ratings yet
Database Security Assignment
8 pages
A Robust Dynamic Data Masking Transformation Approach To Safeguard Sensitive Data
No ratings yet
A Robust Dynamic Data Masking Transformation Approach To Safeguard Sensitive Data
5 pages
Real Life+Examples
No ratings yet
Real Life+Examples
2 pages

18 DynamicDataMasking

Uploaded by

18 DynamicDataMasking

Uploaded by

Dynamic Data Masking

// Based on the role

// Based on some condition

// Setting or applying Masking Policy

ALTER TABLE public.employee

ALTER TABLE public.employee

ALTER TABLE public.employee

ALTER MASKING POLICY policy_name RENAME TO new_policy_name;

You might also like