Table of Contents

Search

  1. Preface
  2. Introduction to Dynamic Data Masking
  3. Rules
  4. Connection Rules
  5. Security Rules
  6. Security Rule Set Simulator
  7. Masking Functions
  8. Stored Procedure Result Set Masking
  9. Integration with Informatica Products
  10. XML Functions Reference
  11. Glossary

Step 2. Create a Security Rule Set to Process the Result Set

Step 2. Create a Security Rule Set to Process the Result Set

Create a security rule set to process the result set. Give the rule set the name that you provided in Step 1. as the "Ruleset Name for Resultset" parameter. Then create the rule or rules to match the columns in the result set that you want to mask, and configure the type of masking on those columns. Finally, you must create a rule within this rule set to apply the masking function.
  1. To create a security rule set, click on a domain node in the rule tree.
  2. Click
    Tree
    Add Rule Set
    .
    The
    Add Rule Set
    window appears.
  3. Enter the name of the security rule set that you gave as the
    Ruleset Name for Resultset
    property in the previous step. For example, "MaskEmpResultSet."
  4. Click
    OK
    .
    Within this rule set, create a rule or rules to match the column name in the result set that you want to mask, and specify the masking action.
  5. In the Management Console, click the security rule set that you created in the previous step.
  6. Select
    Tree
    Security Rule Set
    .
    The
    Rule Editor
    appears.
  7. Click
    Action
    Append Rule
    .
    The
    Append Rule
    window appears.
  8. Enter a name for the rule, for example, "MaskEmpName."
  9. For the
    Matching Method
    , select
    Metadata
    .
  10. For
    Content Type
    , select
    Column Name
    .
  11. In the text box, enter the column name and select
    String
    as the identification method.
    Alternatively, you can configure the wildcard or regular expression options as identification methods. Dynamic Data Masking cannot distinguish between a result set that is part of a stored procedure call and a result set that is part of other system calls. As a best practice, do not use multiple generic regular expressions to define the column metadata matcher.
  12. For
    Action Type
    , select
    Masking
    .
  13. For
    Data Type
    , select the type of data in the result set that you want to mask. You can choose from string, numeric, or date.
  14. For
    Masking Type
    , select the type of masking that you want to apply to the data. For numeric and string data types, you can choose from pattern, redaction, or constant masking. For the date data type, you can select only constant masking.
    For more information about the Masking action, the masking types, and their parameters, see the chapter "Security Rules."
  15. For the
    Processing Action
    , select
    Continue
    .
  16. Click
    OK.
  17. Select
    File
    Update Rules
    to save the rule in the rule tree.
  18. Optionally, you can create additional rules within this rule set on other columns in the same result set.
    When you are finished creating the rules that match the result set columns and mask the column data, create a final rule to apply the masking. This rule is mandatory and must be the final rule in the rule set.
  19. Select
    Tree
    Security Rule Set
    .
    The
    Rule Editor
    appears.
  20. Click
    Action
    Append Rule
    .
    The
    Append Rule
    window appears.
  21. Enter a name for the final rule, for example, "ApplyMasking."
  22. For the
    Matching Method
    , select
    Any
    .
  23. For
    Action Type
    , select
    Apply Masking
    .
  24. For the
    Processing Action
    , select
    Stop if Applied
    .
  25. Click
    OK
    .
  26. Select
    File
    Update Rules
    to save the rule in the rule tree.