Updated on 2025-07-08 GMT+08:00

Data Masking Overview

DSC supports static data masking and dynamic data masking. You can configure masking rules for specified data assets to implement static masking or use APIs for data masking to implement dynamic data masking, ensuring that sensitive information is not disclosed. Masking Algorithms and Application Scenarios lists the data masking algorithms supported by DSC.

Static data masking: DSC can help mask a large amount of data at one time based on the configured data masking rules. Static data masking is used when sensitive data in the production environment is delivered to the development, testing, or external environment for development and testing and data sharing and research. You can create an data masking task on the DSC console to quickly mask sensitive data in database, OBS, and big data assets.

API-based masking: Data accessed by external systems can be masked in real time. This masking type applies to scenarios where data is queried from the external system, such as production applications, data exchange, O&M applications, and marketing. For details, see APIs for data masking.

Procedure

Figure 1 Static data masking flowchart

Figure 2 API-based data masking flowchart

Data Sources Supported by Data Masking

Table 1 Data sources supported by data masking

Masking Type

Data Source Type

Data masking

SQLServer, MySQL, TDSQL, PostgreSQL, KingBase, DMDBMS, GaussDB, Oracle, and DWS

Elasticsearch masking

Elasticsearch

Hive masking

Hive

HBase masking

HBase

DLI masking

DLI

MRS masking

MRS_HIVE

OBS masking

OBS bucket files (text and images (face and license plate))