to render indistinct or dim; darken.” The word obfuscation, at times, can be used interchangeably with the term obscurity, meaning ““.
However, there is a subtle difference between the two terms and the former definition is more appropriate since obscurity implies that the hidden condition can be achieved without any additional effort.
In Listing 8-2, an example is provided that produces a random number between the values of 1 and 100. Character scrambling is a process by which the characters contained within a given statement are re-ordered in such a way that its original value is obfuscated.
Cracking a scrambled word can be made more challenging by, for example, eliminating any repeating characters and returning only lower case letters.
However, not all values will contain repeating values, so this technique may not be sufficient for protecting highly sensitive data.
In such cases, the DBA should apply one or more of the obfuscation techniques described in this article, extracted from John Magnabosco's excellent new book, Protecting SQL Server Data. On this holiday, the young and young at heart apply make-up, masks, costumes and outfits and wander the streets in search of sweet treats from their neighbors.
These costumes are designed to hide the identity of their wearer and grant that person the freedom to shed their everyday demeanor and temporarily adopt the persona of their disguise.
The database that is utilized for daily business transactions is referred to as the production database.
The version of the database that is used to develop and test new functionality is referred to as the development database.In order to ensure the accuracy of this testing, the development database should mimic the production database as closely as possible, in terms of the data it contains and the set of security features it implements.This means that all of the sensitive data efforts and options noted in this book apply to both environments and that it may be necessary to store sensitive data in both the development and production databases.One special consideration of the RAND system function is that when it is included in a user defined function an error will be returned when the user defined function is created.Now, we can obtain a random number in any user defined function with a simple call to our new view.If you are required to use real production data to test applications, any sensitive data should be "disguised" before loading it into the development environment.