Data Obfuscation

I overheard a guy talking about "Data Obfuscation". This term fascinated me and I asked him what it meant. He looked at me like a first grader. Forget what happened then. I have decided to educate people like me about different terms used for a single technology.

I heard about "Data Masking", "Data Redaction", "Data Sanitization" and "Data Anonymization" but not "Data Obfuscation" until recently. Data obfuscation, sanitization, redaction and data anonymization refer to the same concept. While "Data Masking" refers to masking data. We all have called help desk or the customer support. They ask you what are the last four digits of your social security number. Here they see only those four digits and nothing else. The rest of the digits are masked. This is what I call "Data Masking".

While "Data obfuscation" is a concept of altering the actual text\numeric in such a way that it does no longer have references to the actual text\numeric. All the above synonyms mentioned above refer to the same concept.

For example, If i have an SSN "123 45 6789" by employing any one of the several techniques (ask me and i will blog) will be transformed to a new number "678 45 3456". This technique is used by several financial companies to be used for testing and developing purposes.

Companies use this technique to provide developers and testers "real like data". In a way developers and testers would not know the difference between if this is generated data or real customer data.

I know you must be wondering about "what about integrity constraints in database?" How does application handle this data ? etc.. Come back next week and I will give you the answers.