Citations

Existing Citations

  • data obfuscation : Data obfuscation techniques must satisfy a basic rule: the obfuscated data should satisfy the same business rules as the real data. . . . ¶  Data obfuscation is the concealment of meaning in data or information usage, making it confusing and harder to interpret. ¶ Obfuscation is essentially the technique used to de-identify data. ¶ The terms obfuscation and data encryption are often intermixed although they are fundamentally different. Encryption prevents non-authorised users from understanding the data. Typically, encryption can be applied when the 'data is at rest', in order to protect the data against data loss; encryption can also be applied 'in transit', which protects the information from being compromised during transmission. However, with encryption, authorised users can still have access to the underlying data. Data obfuscation protects individual's data in non-production environments by replacing it with representative but fictitious data. In the event of a data loss involving obfuscated data, a non-authorised user may be able to read the data (including field headings), however it will not reflect any individual's details. (†805)
  • data obfuscation : Data obfuscation enables the hiding of sensitive data from insiders (e.g. application developers and testers) while keeping the obfuscated data realistic and therefore testable. (†1606)
  • data obfuscation : Data obfuscation (which is also sometimes referred to as data anonymisation, data masking, data privacy, data scrambling) - the test data is built from a sub-set of the production data that has been subject to a number of techniques designed to obscure the origin of the data. Specifically those techniques must prevent personally identifiable information or sensitive information from being identified from data. The techniques must not allow the original data to be re-created by reverse engineering. (†1607)
  • personal data : The [UK] Data Protection Act defines personal data as, any data which can be used to identify a living person. It applies only to that data which is held, or intended to be held, on computers ('equipment operating automatically in response to instructions given for that purpose'), or held in a 'relevant filing system'. (†1608)