Data Masking Algorithm

IP.com Disclosure Number: IPCOM000037069D
Original Publication Date: 1989-Nov-01
Included in the Prior Art Database: 2005-Jan-29
Document File: 2 page(s) / 59K

Publishing Venue

IBM

Related People

Arnold, HH: AUTHOR [+2]

Abstract

Disclosed is an algorithm for masking and unmasking data in a database to prevent unauthorized users and programs from browsing the data.

This is the abbreviated version, containing approximately 54% of the total text.


BACKGROUND: In the Database Manager Subsystem of OS/2* EE, the need exists to prevent users from easily browsing database files. Since the OS/2 SE Operating System does not provide a secure file system, the only way to accomplish this is to encode data in the files so that the user cannot interpret it using generally available editors and browse programs. Likewise, a means is needed to prevent user-written applications from accessing database data that may be addressable in the database manager's memory.

PROBLEM AND RESOLUTION: Standard encryption algorithms provide a high level of data security, but software encryption without the assistance of special hardware is very time consuming and, in a database system, would severely impact system performance.

Data Masking: The OS/2 EE Database Manager provides a set of services to support the objective of preventing database data from being browsed by a program running in the same machine (database server) as the database. This is accomplished by masking both data contained in the server's database disk files and certain sensitive data being used in memory. Masking is a faster, less secure technique to prevent casual browsing of database files and data. Classical encryption of database files, though more secure, entails severe performance degradation. F...