Implementation of data protection concept for data warehouse
Project duration: 4 months
Brief description
In this project, the data protection target concept developed by the PTA in consideration of the GDPR and the BDSG-new is implemented for a subset of the data in the customer DWH (Data warehouse). Data relevant to data protection law as well as data with direct and indirect personal references are encrypted/hashed, generalized or deleted according to the concept.
Supplement
The customer's DWH consists of a TeraData database, a Hadoop cluster and a TeraData Aster. When storing data from the source systems in the DWH, the personal data is encrypted. Encryption is performed using the Protegrity encryption tool.
Subject description
In the subsequent process (for example, when creating BI reports), the encrypted attributes for data aggregation can be temporarily decrypted. However, personal data is always stored in encrypted form in the reports themselves, which are made available to the user department. Role-based views that allow access to the encrypted data are controlled by a central policy. This means that for some defined roles the data is decrypted for display, for other roles it is partially decrypted, while for the remaining roles only the encrypted values are displayed. The role concept is realized by connecting to an Active Directory.