Table of Contents

Search

  1. Preface
  2. Working with Transformations
  3. Aggregator Transformation
  4. Custom Transformation
  5. Custom Transformation Functions
  6. Data Masking Transformation
  7. Data Masking Examples
  8. Expression Transformation
  9. External Procedure Transformation
  10. Filter Transformation
  11. HTTP Transformation
  12. Identity Resolution Transformation
  13. Java Transformation
  14. Java Transformation API Reference
  15. Java Expressions
  16. Java Transformation Example
  17. Joiner Transformation
  18. Lookup Transformation
  19. Lookup Caches
  20. Dynamic Lookup Cache
  21. Normalizer Transformation
  22. Rank Transformation
  23. Router Transformation
  24. Sequence Generator Transformation
  25. Sorter Transformation
  26. Source Qualifier Transformation
  27. SQL Transformation
  28. Using the SQL Transformation in a Mapping
  29. Stored Procedure Transformation
  30. Transaction Control Transformation
  31. Union Transformation
  32. Unstructured Data Transformation
  33. Update Strategy Transformation
  34. XML Transformations

Transformation Guide

Transformation Guide

Format Preserving Encryption

Format Preserving Encryption

Encryption masking applies encryption algorithms to mask source data.
Mask string data types with format preserving encryption.
You can choose to preserve the format and length of the source data or the length of the source data. You can also choose to change the format and length of the source data after encryption.
You can choose characters that you do not want to encrypt.
After you encrypt the source data, you can also decrypt it to get back the original data. To decrypt the data, you must create and run a mapping that uses the same encryption technique with the same pass phrase that you used to encrypt the source data. Set the mode to Decryption.
If the source data contains UTF-8 four byte characters, you cannot use encryption to mask the data.
Select one of the following encryption techniques:
Preserve Format and Metadata
Use the Preserve Format and Metadata encryption option to preserve the format and the length of the source data. When you choose to preserve format and metadata, all uppercase characters are replaced with uppercase characters, lowercase characters are replaced with lowercase characters, numbers are replaced with numbers, and special characters are replaced with special characters after encryption. For example, an email address Abc123@xyz.com might become Mpz849#dje!kuw. In this example, if you configure "@" and "." characters as Do Not Encrypt Characters, the email might become Mpz849@dje.kuw.
Preserve Metadata
Use the Preserve Metadata encryption option to preserve the length of the source data. When you choose to preserve metadata, the length of the data remains the same after encryption. For example, a first name Alexender might become jl6#HB91v, where the length remains the same as in the source data.
Change Metadata
Use the Change Metadata encryption option to change the length of the source data after encryption. When you choose to change metadata, the encrypted data does not retain the length and format of the source data. For example, a city name London might become Xuep@8f5, fmch529, or 6ky#ke33h*we.
Before you use the Change Metadata encryption option, you must change the precision of the column you want to apply encryption on in the database.
Use the following formula to calculate the precision and round up the value to the next higher integer:
Required Precision = (1.33*Original Precision)+24
After you change the column precision in the database, you must update the column precision in the mapping. To update the column precision you can either reimport the metadata from the updated database, or manually change the column precision in each transformation in the mapping.

0 COMMENTS

We’d like to hear from you!