y****w
发帖数: 3747 | 1 we don't really have mature process for this, just very basic masking.
what tools suggested with security concern? either dbms is ok. if something
not limited to specified dbms, that would be great. |
g***l
发帖数: 18555 | 2 test data应该是QA去准备,如果是DBA或者DEVELOPER准备,就说明你们公司很不正式
,或者很小。TEST DATA应该COVER各种可能的案例,越广越好,BRD里有的案例都要
COVER,然后是LOAD TEST,大量数据下是个什么PERFORMANCE,SECURITY和TEST DATA有
啥关系,只和你的PROCESS有关系吧 |
i****a
发帖数: 36252 | 3 there are commercial products to generate dummy data.
we have an in house database application to replace real data with random
pre-generated dummy records.
something
【在 y****w 的大作中提到】
: we don't really have mature process for this, just very basic masking.
: what tools suggested with security concern? either dbms is ok. if something
: not limited to specified dbms, that would be great.
|
y****w
发帖数: 3747 | 4 I don't really trust the Indian moms qa team.
hmm, narrow the topic, actually I just want to say the masking of the test
data. how to mask the ID/numbers/names/etc.
【在 g***l 的大作中提到】
: test data应该是QA去准备,如果是DBA或者DEVELOPER准备,就说明你们公司很不正式
: ,或者很小。TEST DATA应该COVER各种可能的案例,越广越好,BRD里有的案例都要
: COVER,然后是LOAD TEST,大量数据下是个什么PERFORMANCE,SECURITY和TEST DATA有
: 啥关系,只和你的PROCESS有关系吧
|
y****w
发帖数: 3747 | 5 so care need to taken on the FK, uniqueness, etc. kind of difficult for
house made apps, say, how to make the dummy data looks not so bad?
【在 i****a 的大作中提到】
: there are commercial products to generate dummy data.
: we have an in house database application to replace real data with random
: pre-generated dummy records.
:
: something
|
g***l
发帖数: 18555 | 6 TEST本来就不是你的工作,有老印呢,QA没QA出来,出了问题是他们的责任,你又不是
BOSS,管那么多干什么,如果QA出来了就是BUG,大家再花时间去改,SOFTWARE
DEVELOPMENT就是这样走程序的, |
i****a
发帖数: 36252 | 7 don't need to scramble the keys.
for example user ID: 100, name: Jessica Alba. Just change the name to Bing
Bing Li, leave the user ID alone.
for
【在 y****w 的大作中提到】
: so care need to taken on the FK, uniqueness, etc. kind of difficult for
: house made apps, say, how to make the dummy data looks not so bad?
|
y****w
发帖数: 3747 | 8 just think. no mercy for laoyin.
【在 g***l 的大作中提到】
: TEST本来就不是你的工作,有老印呢,QA没QA出来,出了问题是他们的责任,你又不是
: BOSS,管那么多干什么,如果QA出来了就是BUG,大家再花时间去改,SOFTWARE
: DEVELOPMENT就是这样走程序的,
|
y****w
发帖数: 3747 | 9 oh,my bad. no need for keys.
but not always, suppose Order#
【在 i****a 的大作中提到】
: don't need to scramble the keys.
: for example user ID: 100, name: Jessica Alba. Just change the name to Bing
: Bing Li, leave the user ID alone.
:
: for
|
i****a
发帖数: 36252 | 10 we have issues with this too. some legacy or inda out source systems use
real data as key. we just decide to leave them alone also. as long as there
is no sensitive information in there.
commercial products can figure out those relations and generate data
accordingly from blank db schema.
【在 y****w 的大作中提到】
: oh,my bad. no need for keys.
: but not always, suppose Order#
|
y****w
发帖数: 3747 | 11 in our firm, india team also has more access than supposed to. I fired
several alerts, then granted by approval from CIO.
there
【在 i****a 的大作中提到】
: we have issues with this too. some legacy or inda out source systems use
: real data as key. we just decide to leave them alone also. as long as there
: is no sensitive information in there.
: commercial products can figure out those relations and generate data
: accordingly from blank db schema.
|
B*****g
发帖数: 34098 | 12 你现在肯定是招人烦招人恨
【在 y****w 的大作中提到】
: in our firm, india team also has more access than supposed to. I fired
: several alerts, then granted by approval from CIO.
:
: there
|
y****w
发帖数: 3747 | 13 公司那时有security officer的设置,就算知道肯定是形式,我也还是得走走。
前些天雷人这哥们就中招了。cio说我前面公司比这儿大一倍,也没专门弄个人搞这个blabla. 也
真是狠,从bank一直过来10年以上的老人说干就干了。我说的那个给印度权限的事儿,这cio就不断
的说没理由不给啊怎样怎样就是不肯发邮件,那段时间还是蛮搞的。说回来,现在大头儿要多快好省
建设资本主义,这些细功夫的玩意儿就变成她的敌人了。
btw,这帖子一编辑格式就乱七八糟了,你知道怎么办么?
【在 B*****g 的大作中提到】
: 你现在肯定是招人烦招人恨
|
