polito.it
Politecnico di Torino (logo)

Investigation and Implementation of Dynamic Data Masking

Alain Divin Bahizi

Investigation and Implementation of Dynamic Data Masking.

Rel. Alessandro Savino, Nicolò Maunero. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2024

[img]
Preview
PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (1MB) | Preview
[img] Archive (ZIP) (Documenti_allegati) - Altro
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (2MB)
Abstract:

This thesis investigates the adoption and implementation of data masking solutions within the financial services sector, particularly in response to the European Union’s landmark 2016 regulation on data protection. Article 25 of this regulation mandates that organizations employ adequate technical and organizational measures to integrate data protection principles by design and by default. Data masking emerges as a critical strategy for achieving compliance, transforming the way businesses handle user data and setting a benchmark for data privacy practices worldwide. The study is anchored in a practical experience gained through an internship at PwC Italy, aiming to implement a data masking solution that meets the specific GDPR compliance needs of a client. The investigation covers the spectrum of data masking, distinguishing between static and dynamic data masking techniques, their implementation approaches, and how they cater to varying data protection requirements. Through the lens of significant data breaches, the thesis evaluates their impacts and legal consequences, underpinning the critical need for proactive data protection strategies like data masking. A thorough analysis of regulatory compliance is presented, focusing on the legal mandates that organizations must fulfill concerning data protection. This discussion underscores the role of data masking within the regulatory framework, showcasing its significance in meeting data protection standards. Given the array of available commercial tools for data masking, the thesis navigates the complexities of selecting appropriate solutions. It considers factors such as functionality, cost, and organizational integration, providing a nuanced view of the decision-making process involved. The culmination of the thesis is a detailed examination of the data masking solution implemented during the author’s internship. This section reveals the achieved outcomes, the technical intricacies of the solution, and the challenges encountered throughout the project’s development. By focusing on the application of data masking techniques not only for data anonymity but also for legal compliance with GDPR, this thesis contributes valuable insights into the evolving landscape of data privacy and protection. It underscores the pivotal role of data masking in contemporary data protection strategies, offering a comprehensive overview for organizations aiming to navigate the complexities of regulatory compliance and data security.

Relatori: Alessandro Savino, Nicolò Maunero
Anno accademico: 2023/24
Tipo di pubblicazione: Elettronica
Numero di pagine: 59
Soggetti:
Corso di laurea: Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)
Classe di laurea: Nuovo ordinamento > Laurea magistrale > LM-32 - INGEGNERIA INFORMATICA
Aziende collaboratrici: Pricewaterhouse Coopers Business Services Srl
URI: http://webthesis.biblio.polito.it/id/eprint/30897
Modifica (riservato agli operatori) Modifica (riservato agli operatori)