Communities
A collaborative platform to connect and grow with like-minded Informaticans across the globe
Product Communities
Connect and collaborate with Informatica experts and champions
Discussions
Have a question? Start a Discussion and get immediate answers you are looking for
User Groups
Customer-organized groups that meet online and in-person. Join today to network, share ideas, and get tips on how to get the most out of Informatica
Get Started
Community Guidelines
Knowledge Center
Troubleshooting documents, product guides, how to videos, best practices, and more
Knowledge Base
One-stop self-service portal for solutions, FAQs, Whitepapers, How Tos, Videos, and more
Support TV
Video channel for step-by-step instructions to use our products, best practices, troubleshooting tips, and much more
Documentation
Information library of the latest product documents
Velocity (Best Practices)
Best practices and use cases from the Implementation team
Learn
Rich resources to help you leverage full capabilities of our products
Trainings
Role-based training programs for the best ROI
Certifications
Get certified on Informatica products. Free, Foundation, or Professional
Product Learning Paths
Free and unlimited modules based on your expertise level and journey
Resources
Library of content to help you leverage the best of Informatica products
Tech Tuesdays Webinars
Most popular webinars on product architecture, best practices, and more
Product Availability Matrix
Product Availability Matrix statements of Informatica products
SupportFlash
Monthly support newsletter
Support Documents
Informatica Support Guide and Statements, Quick Start Guides, and Cloud Product Description Schedule
Product Lifecycle
End of Life statements of Informatica products
Ideas
Events
Change Request Tracking
Marketplace
English
  • Data Integration Hub 10.4.0
  • All Products

Table of Contents

Search

  1. Preface
  2. Introduction to Data Integration Hub
  3. Security
  4. Events
  5. User Policies
  6. Operation Console Management
  7. System Properties
  8. Connections
  9. Connectivity to Informatica Intelligent Cloud Services
  10. Integration of Data Integration Hub with Enterprise Data Catalog
  11. Document Management
  12. Entity Management
  13. Export and Import
  14. Data Integration Hub Utilities
  15. Dashboard and Reports Management

Administrator Guide

Administrator Guide

Back Next

Configuring Data Masking Rules in Dynamic Data Masking

Configuring Data Masking Rules in Dynamic Data Masking

This section describes how to configure security rules in Dynamic Data Masking.
Data Integration Hub
 uses these rules to mask data that are requested by subscription. Security rules specify the technique that the Dynamic Data Masking rule engine uses to mask data. Security rules consist of a matcher, a rule action, and a processing action. Use security rules to mask data in a specific row or to mask an entire column. For example, you can create a security rule that rewrites SQL requests that reference the Social Security column from the Employee table.
For more information about creating security rules, see the
Informatica Dynamic Data Masking User Guide
.
Perform the following steps to define a security rule in Dynamic Data Masking:
  1. Append a connection rule to the connection rules you created in the Configuring Dynamic Data Masking procedure as follows:
    1. In the Management Console, select the Dynamic Data Masking service that you want to add the connection rule and click
      Tree
      Connection Rules
      .
      The
      Rule Editor
       window is displayed.
    2. Select
      Action
      Apend Rule
      .
      The
      Apend Rule
       window is displayed.
    3. Enter the following details to create the second connection rule that redirects to the data masking Security RuleSet that the connection rule needs to execute:
      The first connection rule is created in Configuring Dynamic Data Masking.
      • Rule Name
        . Enter the name of the rule.
      • Identify incoming connections using
        . Select
        All Incoming Connections
        .
      • Apply Action on Incoming Connection
        . Select
        Use Rule Set
        .
      • Rule Set Name
        . Enter a name for the ruleset. You will further use the same name while you create the security ruleset in the next step. For example,
        MaskEmpResultSet
        .
      • Processing Action: When Rule is matched
        . Select
        Continue
        .
    4. Click
      OK
      .
      Connection Rules are saved.
  2. Perform the following steps to create a ruleset.
    1. In the Management Console, select the Dynamic Data Masking service that you want to add the connection rule to, and click
      Tree
      Add RuleSet
      .
      The
      Add Ruleset
      window is displayed.
    2. Enter the name of the security rule set that you gave as the Ruleset Name in the previous step and click
      OK
      . For example,
      MaskEmpResultSet
      .
      Within this rule set, create a rule or rules to match the column name in the result set that you want to mask, and specify the masking action.
    3. In the Management Console, click the security rule set that you created in the previous step.
    4. Select
      Tree
      Security Rule Set
      .
      The Rule Editor window is displayed.
    5. Click
      Action
      Apend Rule
       and update the following information:
      • Rule Name
        . Enter a name for the rule.
      • Matching Method.
         Select
        Text
        .
      • Text Description
        . Provide the name of the application that is defined in
        Data Integration Hub
         enclosed by the
        %
         symbol. For example, enter
        %DataMaskingApp%
        .
      • In the
        Action
         section, define masking rules as required.
      • Action Type
        . Select Mask
      • Table Name
        . Enter the name of the table that you have defined in the topic that maps to the application.
      • Column Name
        . Enter the name of the column that you want to mask. For example,
        Credit Card Number
        .
      • Masking Function
        . Enter
        ****
    6. Click
      OK
       to save the ruleset.
    The server masks data according to rules defined in Dynamic Data Masking and returns results to the subscription target. Considering the example values used in this procedure, credit card number of employees is replaced with **** when an application subscribes to the
    DataMaskingApp
     application.
0 COMMENTS
We’d like to hear from you!