Sql-server – dynamic data masking read uncommited

dynamic-data-maskingisolation-levelsql server

I have read about Dynamic Data Masking and one question is still in my mind. I am wondering what will happen is such scenario:
1. Dynamic Data Masking is set up on table
2. ETL process is loading new rows using NOLOCK hint (read uncommited)
3. During data load, execute select statement with read uncommited isolation level to get "dirty read" rows.

Does this "dirty data" will masked or not?

Best Answer

Dynamic Data Masking doesn't affect stored pages and it will work the same way with any transaction isolation level.

from Microsoft documentation(https://docs.microsoft.com/en-us/sql/relational-databases/security/dynamic-data-masking?view=sql-server-ver15):

Dynamic data masking is easy to use with existing applications, since masking rules are applied in the query results.

Related Solutions

Sql-server – SQL Server 2008 R2 Dirty reads – how non-atomic

EDITED after reading the MSDN forum link from the comment, very interesting.

Regardless of isolation level, two users cannot update a single page simultaneously, nor can any user read a partially updated page. Just imagine how SQL Server would deal with a page where the header says Col3 starts at byte 17. But it really starts at byte 25, because that part of the row hasn't been updated yet. There's no way a database could handle that.

But for rows larger than 8k, multiple pages are used, and that makes a half-updated column possible. Copied from the MSDN link (in case the link breaks), start this query in one window:

if object_id('TestTable') is not null
    drop table TestTable
create table TestTable (txt nvarchar(max) not null)
go
insert into TestTable select replicate(convert(varchar(max),
    char(65+abs(checksum(newid()))%26)),100000)
go 10
update TestTable set txt=replicate(convert(varchar(max),
    char(65+abs(checksum(newid()))%26)),100000)
go 100000

This creates a table and then updates it with a string of 100.000x the same character. While the first query is running, start this query in another window:

while 1=1 begin
 if exists (select * from TestTable (nolock) where left(Txt,1) <> right(Txt,1))
    break
end

The second query stops when it reads a column that is half updated. That is, when the first character is different from the last. It will finish quickly, proving that it is possible to read half-updated columns. If you remove the nolock hint, the second query will never finish.

Surprising result! A half-updated XML column might break a (nolock) report, because the XML would be malformed.

Sql-server – Does SQL Server place shared locks on scanned records when using REPEATABLE READ

What if some other transaction updates a record so that it would match with my WHERE clause in the UPDATE statement, thereby violating the REPEATABLE READ.

That would be SERIALIZABLE READ, not REPEATABLE. REPEATABLE only guarantees that the rows that qualified for the WHERE clause the first time will not disappear or be modified. It doesn't say anything about other rows qualifying in a second read.

Best Answer

Related Solutions

Sql-server – SQL Server 2008 R2 Dirty reads – how non-atomic

Sql-server – Does SQL Server place shared locks on scanned records when using REPEATABLE READ

Related Question