Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started

Reply
pmscorca
Helper V
Helper V

How classifying the dynamic data masking algorithms

‎07-04-2024 02:53 AM

Hi,

I need to understand how classifying the algorithms (default, email, random, partial) related to the dynamic data masking feature: Dynamic data masking in Fabric data warehousing 
So, are these data anonymization or substitution or shuffling or redaction or other ones? Thanks

Message 1 of 5
446 Views
0
4 REPLIES 4
v-shex-msft
Community Support
Community Support

‎07-04-2024 06:57 PM

Hi @pmscorca,

In fact, this feature not affect the actual data in database, it only apply the rule to format the query result to limit exposure of sensitive data.
Notice:

1. dynamic data masking doesn't aim to prevent database users from connecting directly to the database and running exhaustive queries that expose pieces of the sensitive data.

2. Unprivileged users with ad hoc query permissions can apply techniques to gain access to the actual data. (e.g. DDM enabled on Salary field, users apply T-SQL statement with conditions to query data within specific number range) For this scenario, you may need to apply auditing to monitor all database activity and mitigate this scenario.

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin
If this post helps, please consider accept as solution to help other members find it more quickly.
Message 2 of 5
408 Views
0
pmscorca
Helper V
Helper V
In response to v-shex-msft

‎07-04-2024 09:43 PM

Hi,

I need to classify the dynamic data masking functions respect to the reference literature, thanks.

Message 3 of 5
405 Views
0
v-shex-msft
Community Support
Community Support
In response to pmscorca

‎07-09-2024 12:14 AM

Hi @pmscorca,

In fact, they are different type of masking rules.

For default function, it will output the default value based on column definition instead actual value.

string types, use XXXX.
numeric types use a zero value.
date and time types, use 1900-01-01 00:00:00.0000000 .
binary types use a single byte of ASCII value 0.

For Email function, it will check hte value if they are in email structure and mask the value after the first charater and constant suffix before '.com'. (e.g. aXXX@XXXX.com)

For Random function, it will return a random value between the define number range.

For custom string, it will make after first character and before the last charter based on custom padding string in the middle. (prefix,[padding],suffix)

Dynamic data masking in Synapse Data Warehouse - Microsoft Fabric | Microsoft Learn

Regards,

Xiaoxin Sheng

Community Support Team _ Xiaoxin
If this post helps, please consider accept as solution to help other members find it more quickly.
Message 4 of 5
361 Views
0
pmscorca
Helper V
Helper V
In response to v-shex-msft

‎07-18-2024 03:27 AM

Hi,

I repeat that I need to classify the dynamic data masking functions respect to the reference literature.

I'm searching a functional documentation closer to the business.

Message 5 of 5
274 Views
0

Helpful resources

Announcements
Sept Fabric Carousel

Fabric Monthly Update - September 2024

Check out the September 2024 Fabric update to learn about new features.

September Hackathon Carousel

Microsoft Fabric & AI Learning Hackathon

Learn from experts, get hands-on experience, and win awesome prizes.

Sept NL Carousel

Fabric Community Update - September 2024

Find out what's new and trending in the Fabric Community.

View All