I am Sarang, a GSoC contributor interested in improving secure data handling in this project.
Currently, PII tokenization exists, but the method responsible for persisting token-to-original mappings (PIIVault.save_mapping) is not implemented. Without secure persistence, tokenization cannot support reliable retrieval or controlled re-identification workflows.
Proposed Improvement:
- Implement secure storage for token-to-original mappings
- Ensure encryption-at-rest for sensitive data
- Introduce basic schema separation for isolation
- Restrict access to authorized internal workflows only
Acceptance Criteria:
- Implement
save_mapping with secure storage (e.g., encrypted database or secure backend)
- Ensure sensitive values are encrypted before persistence
- Provide controlled retrieval mechanism for authorized use cases
- Maintain compatibility with existing tokenization flow
- Add tests to verify storage, retrieval, and access control
Note:
This can be further extended into a larger effort around secure PII vault design and lifecycle management.
I am Sarang, a GSoC contributor interested in improving secure data handling in this project.
Currently, PII tokenization exists, but the method responsible for persisting token-to-original mappings (
PIIVault.save_mapping) is not implemented. Without secure persistence, tokenization cannot support reliable retrieval or controlled re-identification workflows.Proposed Improvement:
Acceptance Criteria:
save_mappingwith secure storage (e.g., encrypted database or secure backend)Note:
This can be further extended into a larger effort around secure PII vault design and lifecycle management.