Farley, Peter x23353 wrote:
Data masking may very well be needed to prevent the internal/employee
type of data breach (accidental or malicious). However, it poses the
very serious problem that debugging production issues with production
data cannot (AFAIK) be done with "masking" in place unless the programs
are calling a "demasking" subroutine for every record/database row that
they process.
FSVO "cannot" - in the sixties a colleague of mine, Mike Guzik,
worked at ADR on an NSA contract to write a sort for Stretch.
While Mike is a good programmer, he wasn't perfect, and the sort
occasionally failed. When it did, the security officer needed to
concoct phony data that failed the same way, so they could allow
the dump out of the computer room. While I wouldn't want the
job, they did it without "demasking" any real data.
Gerhard Postpischil
Bradford, VT
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
