I just did a quick breeze through of the Data Security Glossary, nice work and I like that you put references for most (all?) entries.
In passing I noticed a few things I wasn't quite sure I agreed with and one omission. I was wondering if that was still open for review and if so I could go through in more detail.
Some things I noticed in a quick glance:
- Data Masking - Is sometimes also used to mean displaying data to user and replacing part of the data with something like a *
- Data Mesh - "A data mesh is an architectural framework that solves advanced data security challenges" I don't think this is the primary purpose of a mesh and might in fact increase some data security challenges if not done well.
- Tokenization - Many vendors supply vaultless tokenization, although arguably it might be considered encryption not tokenization
- Format Preserving Encryption seems to be missing.
Thanks!
------------------------------
Doug McDorman
MTS Security Strategy and Architecture
T-Mobile
------------------------------