Table of Contents

Search

  1. Preface
  2. Introduction to Dynamic Data Masking
  3. Rules
  4. Connection Rules
  5. Security Rules
  6. Security Rule Set Simulator
  7. Masking Functions
  8. XML Functions Reference
  9. Glossary

Masking Function Examples

Masking Function Examples

A masking function defines how the Rule Engine masks data. The Rule Engine applies masking functions to incoming SELECT SQL statements that an unauthorized client sends to the database. Dynamic Data Masking rewrites the SQL statement. When the database receives the request, the database sends masked data to the client.
To create masking functions, use regular expressions and database management system SQL functions on the SELECT LIST columns.
The following table describes examples of masking functions:
Masking Function
Description
"
Hides the contents of the table column.
xxxx
Replaces the returned value inside ' '.
to_date(’YYYY-MM-DD’)
Applies a date to the masking function.
customer_codecase customer_code when 4 then 'confidential vip customer' when 2 then 'confidential vip customer' else customer_name end
Applies row level security and masks VIP customers identified by
customer_code = 4
.
decode ( substr ( p.bankaccno , 1 , 4 ) , 4500 , 450014265523 , 5314 , 531431925755 , 3210 , 321014760512 , 312331322 ) bankaccno
Maintains the first four digits of account numbers and replaces the rest of the numbers with masked values.