Skip to content
This repository has been archived by the owner on Nov 30, 2022. It is now read-only.

updates docs for supported masking strategies and associated configs #173

Merged
merged 4 commits into from
Jan 27, 2022
Merged

updates docs for supported masking strategies and associated configs #173

merged 4 commits into from
Jan 27, 2022

Conversation

eastandwestwind
Copy link
Contributor

@eastandwestwind eastandwestwind commented Jan 25, 2022
edited
Loading

Purpose

Update docs to reflect current supported masking strategies

Changes

  • Adds to masking_strategies.md. Screenshot of page for ease of review:

screencapture-0-0-0-0-8000-fidesops-guides-masking-strategies-2022-01-25-12_34_57

Checklist

  • Applicable documentation updated (guides, quickstart, postman collections, tutorial, fidesdemo, database diagram
  • Good unit test/integration test coverage

Ticket

Fixes #155

seanpreston
seanpreston reviewed Jan 26, 2022
View reviewed changes
docs/fidesops/docs/guides/masking_strategies.md Outdated
## Configuration

Only null value masking is currently supported by fidesops policies, but support for other strategies is coming.
Currently, erasure requests will replace customer data with null values.
Erasure requests will replace mask data with the chosen masking strategy.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we meant to remove either mask or replace in this line?

seanpreston
seanpreston reviewed Jan 26, 2022
View reviewed changes
docs/fidesops/docs/guides/masking_strategies.md Outdated

### Hash

Masks the input value by returning a hashed version of the input value. Is deterministic such that the same input value will mask to the same value within the same privacy request. This is not the case when the masking service is called as standalone service (outside of a privacy request).
Copy link
Contributor

@seanpreston seanpreston Jan 26, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider:

Masks the data by hashing the input before returning it. The hash is deterministic such that the same input will return the same output within the context of the same privacy request. This is not the case when the masking service is called as a standalone service, outside the context of a privacy request.

seanpreston
seanpreston reviewed Jan 26, 2022
View reviewed changes
docs/fidesops/docs/guides/masking_strategies.md Outdated

### AES Encrypt

Masks by encrypting the value using AES. Is deterministic such that the same input value will mask to the same value within the same privacy request. This is not the case when the masking service is called as standalone service (outside of a privacy request).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As above for deterministic explanation

seanpreston
seanpreston reviewed Jan 26, 2022
View reviewed changes
docs/fidesops/docs/guides/masking_strategies.md Outdated

### HMAC

Masks the input value by using the HMAC algorithm along with a hashed version of the data and a secret key. Is deterministic such that the same input value will mask to the same value within the same privacy request. This is not the case when the masking service is called as standalone service (outside of a privacy request).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As above for deterministic explanation

seanpreston
seanpreston suggested changes Jan 26, 2022
View reviewed changes
Copy link
Contributor

@seanpreston seanpreston left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few small language tweaks but a very useful addition nonetheless, thanks @eastandwestwind

@eastandwestwind
Copy link
Contributor Author

@seanpreston thanks for the comments! I've made those updates

pattisdr
pattisdr approved these changes Jan 26, 2022
View reviewed changes
Copy link
Contributor

@pattisdr pattisdr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

great updates @eastandwestwind 🏆

@seanpreston seanpreston merged commit f5b236c into main Jan 27, 2022
@seanpreston seanpreston deleted the 155-docs-masking-strategies-update branch January 27, 2022 15:54
sanders41 pushed a commit that referenced this pull request Sep 22, 2022
@eastandwestwind
updates docs for supported masking strategies and associated configs (#…
1b86b86 
…173)

* updates docs for supported masking strategies and associated configs

* formatting to make each masking strategy more obvious

* missed a spot

* cr changes
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@pattisdr pattisdr pattisdr approved these changes

@seanpreston seanpreston seanpreston approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update masking strategies guide with latest supported options
3 participants
@eastandwestwind @seanpreston @pattisdr