Dynamic Masking is a data masking technique that aims at real-time masking of the data. It changes the data stream so that the requester does not get access to the sensitive data, and no changes to the original data takes place. It masks sensitive data in transit, leaving the original data intact and unaltered. It also prevents masked data from inadvertently written back to the database.
A proxy server is installed between user and target database, thus adding an additional layer of security and privacy control to protect sensitive data. The user connects to the proxy server rather than directly connecting to the target database. The proxy server contains rules for each database user which helps it to identify the objects that the user can see and mask.
The proxy server requires masking policies, which helps the server to identify the columns of the table in a database that should be masked when accessed by a user.
PK Protect creates “dynamic masking policies”, applies them to the target database, transforms the “dynamic masking results” to “masking policies”, and push the masking policies on the proxy server.