CPC G06F 16/24573 (2019.01) [G06F 16/211 (2019.01); G06F 16/212 (2019.01); G06F 16/2291 (2019.01); G06F 16/2365 (2019.01); G06F 16/27 (2019.01); G06F 16/288 (2019.01); G06F 16/289 (2019.01)] | 20 Claims |
1. A computer-implemented object tagging method for a database, comprising:
receiving from an administrator of the database, a tag creation command including a tag name;
in response to the tag creation command, creating a tag for classifying sensitive information in objects of the database;
granting an apply privilege of the tag to a data owner of an object of the database;
in response to a bind command from the data owner, generating a tagged object based on the tag and the object of the database, the tagged object containing sensitive information; and
in response to a request from the database administrator during an audit, performing operations comprising:
finding the tagged object of the database using the tag;
determining whether the tagged object of the database is associated with a masking policy set by the administrator; and
in response to determining the tagged object is unassociated with the masking policy, associating the tagged object with the masking policy to mask the sensitive information.
|