GB2609122A - Data masking in a microservice architecture - Google Patents

Data masking in a microservice architecture Download PDF

Info

Publication number
GB2609122A
GB2609122A GB2214588.2A GB202214588A GB2609122A GB 2609122 A GB2609122 A GB 2609122A GB 202214588 A GB202214588 A GB 202214588A GB 2609122 A GB2609122 A GB 2609122A
Authority
GB
United Kingdom
Prior art keywords
masker
microservice
recited
worker
bucket
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
GB2214588.2A
Other versions
GB202214588D0 (en
Inventor
R Lu Kimberly
S Brandt Joseph
Shilane Philip
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
EMC Corp
Original Assignee
EMC IP Holding Co LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US16/879,096 external-priority patent/US20210365587A1/en
Priority claimed from US16/879,111 external-priority patent/US11475160B2/en
Priority claimed from US16/879,077 external-priority patent/US11468193B2/en
Priority claimed from US16/879,084 external-priority patent/US11347690B2/en
Application filed by EMC IP Holding Co LLC filed Critical EMC IP Holding Co LLC
Publication of GB202214588D0 publication Critical patent/GB202214588D0/en
Publication of GB2609122A publication Critical patent/GB2609122A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1448Management of the data involved in backup or backup restore
    • G06F11/1453Management of the data involved in backup or backup restore using de-duplication of the data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/14Error detection or correction of the data by redundancy in operation
    • G06F11/1402Saving, restoring, recovering or retrying
    • G06F11/1446Point-in-time backing up or restoration of persistent data
    • G06F11/1458Management of the backup or restore process
    • G06F11/1469Backup restoration techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/11File system administration, e.g. details of archiving or snapshots
    • G06F16/113Details of archiving
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/21Design, administration or maintenance of databases
    • G06F16/215Improving data quality; Data cleansing, e.g. de-duplication, removing invalid entries or correcting typographical errors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2201/00Indexing scheme relating to error detection, to error correction, and to monitoring
    • G06F2201/84Using snapshots, i.e. a logical point-in-time copy of the data

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Quality & Reliability (AREA)
  • Data Mining & Analysis (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

A method includes retrieving, with a masker controller job, an object and an associated object ID from a masking bucket that is defined in storage, making a copy of the object, with a masker worker microservice, masking the copy of the object to create a masked object, transmitting the masked object to an object access microservice, with the object access microservice, transmitting the masked object to a deduplication microservice, with the deduplication microservice, deduplicating the masked object, and storing the masked object in the storage.

Claims (20)

1. A method, comprising: with a masker controller job, retrieving an object and an associated object ID from a masking bucket that is defined in storage; making a copy of the object; with a masker worker microservice, masking the copy of the object to create a masked object; transmitting the masked object to an object access microservice; with the object access microservice, transmitting the masked object to a deduplication microservice; with the deduplication microservice, deduplicating the masked object; and storing the masked object in the storage.
2. The method as recited in claim 1, wherein the masker controller job forwards the copy of the object to the masker worker microservice.
3. The method as recited in claim 1, wherein the masker worker microservice transmits the masked object to the masker controller.
4. The method as recited in claim 1, wherein making a copy comprises making the copy in a streaming manner.
5. The method as recited in claim 1, wherein the masker controller job retrieves the object and the object ID from the masker bucket by performing operations comprising: reading out the object ID from the masker bucket; placing the object ID in a channel; and initiating a thread which retrieves the object ID from the channel, and which retrieves the object from the masker bucket.
6. The method as recited in claim 1, wherein after successful masking of the copy of the object, the masker controller job deletes the object ID from the masker bucket.
7. The method as recited in claim 1, wherein the masker controller job selects the masker worker to which the object is sent for masking.
8. The method as recited in claim 1, wherein the masker worker microservice is provided by a masker worker that is a member of a scalable group of masker workers that are each capable of providing an instance of the masker worker microservice, and the masker controller job apportions a masking workload among the masker workers in the group.
9. The method as recited in claim 1, further comprising receiving, at the masker bucket, the object and object ID from a user.
10. The method as recited in claim 1, further comprising receiving by the masker controller job, by way of a user interface (Ul), an indication of a user selection of the object for masking, and a user selection of the masker bucket.
11. A non-transitory storage medium having stored therein instructions that are executable by one or more hardware processors to perform operations comprising: with a masker controller job, retrieving an object and an associated object ID from a masking bucket that is defined in storage; making a copy of the object; with a masker worker microservice, masking the copy of the object to create a masked object; transmitting the masked object to an object access microservice; with the object access microservice, transmitting the masked object to a deduplication microservice; with the deduplication microservice, deduplicating the masked object; and storing the masked object in the storage.
12. The non-transitory storage medium as recited in claim 11, wherein the masker controller job forwards the copy of the object to the masker worker microservice .
13. The non-transitory storage medium as recited in claim 11, wherein the masker worker microservice transmits the masked object to the masker controller.
14. The non-transitory storage medium as recited in claim 11, wherein making a copy comprises making the copy in a streaming manner.
15. The non-transitory storage medium as recited in claim 11, wherein the masker controller job retrieves the object and the object ID from the masker bucket by performing operations comprising: reading out the object ID from the masker bucket; placing the object ID in a channel; and initiating a thread which retrieves the object ID from the channel, and which retrieves the object from the masker bucket.
16. The non-transitory storage medium as recited in claim 11, wherein after successful masking of the copy of the object, the masker controller job deletes the object ID from the masker bucket.
17. The non-transitory storage medium as recited in claim 11, wherein the masker controller job selects the masker worker to which the object is sent for masking
18. The non-transitory storage medium as recited in claim 11, wherein the masker worker microservice is provided by a masker worker that is a member of a scalable group of masker workers that are each capable of providing an instance of the masker worker microservice, and the masker controller job apportions a masking workload among the masker workers in the group.
19. The non-transitory storage medium as recited in claim 11, wherein the operations further comprising receiving, at the masker bucket, the object and object ID from a user.
20. The non-transitory storage medium as recited in claim 11, wherein the operations further comprise receiving by the masker controller job, by way of a user interface (Ul), an indication of a user selection of the object for masking, and a user selection of the masker bucket.
GB2214588.2A 2020-05-20 2021-04-23 Data masking in a microservice architecture Pending GB2609122A (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US16/879,096 US20210365587A1 (en) 2020-05-20 2020-05-20 Data masking in a microservice architecture
US16/879,111 US11475160B2 (en) 2020-05-20 2020-05-20 Data masking in a microservice architecture
US16/879,077 US11468193B2 (en) 2020-05-20 2020-05-20 Data masking in a microservice architecture
US16/879,084 US11347690B2 (en) 2020-05-20 2020-05-20 Data masking in a microservice architecture
PCT/US2021/028958 WO2021236292A1 (en) 2020-05-20 2021-04-23 Data masking in a microservice architecture

Publications (2)

Publication Number Publication Date
GB202214588D0 GB202214588D0 (en) 2022-11-16
GB2609122A true GB2609122A (en) 2023-01-25

Family

ID=75919409

Family Applications (1)

Application Number Title Priority Date Filing Date
GB2214588.2A Pending GB2609122A (en) 2020-05-20 2021-04-23 Data masking in a microservice architecture

Country Status (3)

Country Link
DE (1) DE112021002848T5 (en)
GB (1) GB2609122A (en)
WO (1) WO2021236292A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019008548A1 (en) * 2017-07-07 2019-01-10 Rombit Nv Method, computer system and computer program product for managing personal data
US20190057218A1 (en) * 2017-08-18 2019-02-21 Sap Se Providing data protection and privacy as a service in a cloud platform
US20190087835A1 (en) * 2017-09-15 2019-03-21 Sap Se Secure data analysis in multitenant applications

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019008548A1 (en) * 2017-07-07 2019-01-10 Rombit Nv Method, computer system and computer program product for managing personal data
US20190057218A1 (en) * 2017-08-18 2019-02-21 Sap Se Providing data protection and privacy as a service in a cloud platform
US20190087835A1 (en) * 2017-09-15 2019-03-21 Sap Se Secure data analysis in multitenant applications

Also Published As

Publication number Publication date
WO2021236292A1 (en) 2021-11-25
GB202214588D0 (en) 2022-11-16
DE112021002848T5 (en) 2023-03-23

Similar Documents

Publication Publication Date Title
PH12016000485A1 (en) Document processing
PH12018501430B1 (en) System and method for driver selection
WO2018169567A8 (en) Shared software libraries for computing devices
MX2015000756A (en) Application deletion prompting method and apparatus.
PH12018502712B1 (en) Data processing method and device
TW201627882A (en) Deterministic database system and data transferring method thereof
CN107729553A (en) System data account checking method and device, storage medium, electronic equipment
RU2015121375A (en) INFORMATION PROCESSING DEVICE AND INPUT DEVICE
MY192152A (en) Method and device for providing wireless access point
CN107608770A (en) Multi-task Concurrency performs processing method
JP2017520845A5 (en)
WO2015167538A3 (en) Migrating objects from a source service to a target service
MY189491A (en) Database data modification request processing method and apparatus
MY197390A (en) Power mode management system, method for providing power mode parameter combination, method for updating power mode parameter combination, computer software and storage medium
GB2609122A (en) Data masking in a microservice architecture
GB2583608A (en) Job management in data processing system
US20170344607A1 (en) Apparatus and method for controlling skew in distributed etl job
WO2020230154A4 (en) Systems, methods, and a computer program product for generating project workflow
FI20175157L (en) Control system for a cargo ship
GB2545142A (en) Contextual workflow management
EP4250136A3 (en) Systems and methods for dataflow graph optimization
GB2582099A (en) Deduplication for files in cloud computing storage and communication tools
EP4235171A3 (en) Mass spectrometer
US10628220B2 (en) Information processing system, information processing method, and non-transitory computer-readable storage medium for storing program
EP4372572A3 (en) Data processing method and computer device