Table of Contents


  1. Preface
  2. Introduction to Dynamic Data Masking
  3. Rules
  4. Connection Rules
  5. Security Rules
  6. Security Rule Set Simulator
  7. Masking Functions
  8. XML Functions Reference
  9. Glossary

Result Set Masking for String, Numeric, and Date Data Types

When you configure result set masking for a Microsoft SQL Server stored procedure with numeric, string, or date data types, you create two security rule sets. The first rule set must contain a rule that identifies the procedure call as a valid procedure call with a result set that you want to mask. This rule uses the Procedure Call matcher and the Process Result action. The Procedure Call matcher specifies the exact name of the stored procedure, and the Process Result action specifies the name of the second rule set that you create.
This second rule set contains the rule or rules that identify the column names that contain the data that you want to mask with the Metadata matcher. With these rules you also configure the type of masking that the Rule Engine applies to the data, with the Masking action. The second rule set must also contain a final rule that includes the Apply Masking action. Without the final rule that includes the Apply Masking action, the result set is not masked.