🧩 The Real Problem
In many systems, sensitive data protection is implemented in application code:
- Emails masked in backend
- Phone numbers hidden in frontend
- Different logic across services
This leads to inconsistency and security risks.
💡 GBase Solution: Database-Level Masking
GBase database provides dynamic data masking, allowing you to control how data is displayed without modifying stored values.
👉 Masking happens at query time
👉 Controlled by permissions
👉 No code changes required
According to GBase design, masking only affects returned results, not stored data ([GBase][1])
⚙️ Example: Email Masking
Step 1: Create Table
CREATE TABLE users (
id INT,
email VARCHAR(255)
MASKED WITH (FUNCTION = 'keymask("@", "****", 0)')
);
Step 2: Insert Data
INSERT INTO users VALUES (1, 'alice@gbase.cn');
Step 3: Query Behavior
| Role | Result |
|---|---|
| Admin | alice@gbase.cn |
| Analyst | ****@gbase.cn |
🧠 How It Works
GBase supports multiple masking strategies:
- Partial masking
- Random masking
- Hash masking
-
keymaskfunction
Masking is applied based on user permissions ([GBase][1])
🔐 Why This Is Powerful
✅ Centralized Security
All rules live inside the database.
✅ Consistent Enforcement
Same behavior across:
- APIs
- BI tools
- Direct SQL
✅ Reduced Code Complexity
No need for custom masking logic.
🏢 Real Use Cases
- Banking → hide account numbers
- Healthcare → protect patient IDs
- Analytics → safe data sharing
🚀 Final Thoughts
With GBase, security becomes part of your data layer, not an afterthought.
👉 Write less code
👉 Reduce risk
👉 Enforce policies automatically
Top comments (0)