📜  标记化和掩蔽之间的区别

📅  最后修改于: 2021-08-24 16:43:08             🧑  作者: Mango

1.遮罩:
顾名思义,屏蔽是将实际数据替换为空值或常量值的过程。它被认为是本质上永久的令牌化。在这种情况下,敏感信息被一些与原始数据格式相同的随机字符代替,而这些随机字符也没有任何检索原始值的机制。基本上有两种屏蔽类型,即静态数据屏蔽(SDM)和动态数据屏蔽(DDM)。

2.标记化:
顾名思义,令牌化是用随机生成的字母数字值(称为令牌)替换原始值的过程。每当用户应用程序需要原始数据时,该系统就会在令牌数据库中查找令牌值并进行检索。它是用于保护数据安全的最古老的技术之一。在这种情况下,令牌在创建令牌并将其链接到其他数据的系统外部没有任何意义。

标记化和掩蔽之间的区别:

Masking 

Tokenization  

It is a process of applying mask to a value.  It is a process of replacing sensitive data with non-sensitive data. 
It simply ensures efficient use of masked data for analysis without fear of leaking private information.   It simply ensures correct formatting and transmission of data thus making it less vulnerable to cyberattacks.
It is generally used to secure structured and unstructured fields in both non-production and production environments such as database backups, data mining, etc.   It is generally used to secure credit card number or sensitive information in payment processing systems, customer service databases, and other structured data environments.  
It always preserves format but there are some chances of reidentification risk.   It always preserves format of data and maintain high security.  
It is an irreversible process i.e.; masked data cannot be retrieved back to original one.   It is a reversible process i.e.; tokenized data can be retrieved back to original one. 
It is easier for one to exchange masked data with third parties as they cannot view original data.  It is difficult for one to exchange data with third parties because they can have access to token database.  
It is used to secure data in use.   It is used to secure data at rest and data in motion.  
It normally protects sensitive data from being exposed to individuals who are not authorized or do not have access to view it. It normally creates surrogate value that can matched back to original string using database.