G Example of Setting a Field with Field Level Masking (Release A9.3 Update)

This appendix contains these topics:

• Section G.1, "Proof of Field Level Masking Set,"

• Section G.2, "Test the Masking Field on a Screen and a Report."

The following section contains the steps necessary for the Field Level Masking application programs to set a masking on the ABTAX field in file F0101 Address Book in library FLSTEST.

Navigation

From Master Directory (G), access menu G941 Field Masking Security

To set a masking on the ABTAX field in file F0101 Address Book in library FLSTEST

1. On Field Level Masking (G941), choose Field Security Masking (P94101).

2. Ensure that the field ABTAX in the F0101 Address Book file is included in the F94101 Field Masking Inclusions file.

   To confirm ABTAX field is included in the F94101 Field Masking Inclusions file, inquire on File Name F0101.

   Figure G-1 Field Masking Inclusions screen

   
   Description of "Figure G-1 Field Masking Inclusions screen"
   
   

   Note that ABTAX is an included field in file F0101 and can be used to mask within Field Level Masking.

3. On Field Level Masking (G941), choose Data Item Masking Definitions (P94102).

   Figure G-2 Data Item Masking Definitions screen

   
   Description of "Figure G-2 Data Item Masking Definitions screen"
   
   

   Add a Masking Code for Data Item TAX. The Masking Value of ’*' will replace the first 5 positions of the TAX field.

4. Press Enter to add the Masking Definition.

5. Press F9 to Redisplay the Masking Definition added.

   Figure G-3 Data Item Masking Definitions screen

   
   Description of "Figure G-3 Data Item Masking Definitions screen"
   
   

   Note that the fields Field Size/Disp Dec displays 20 and Data Type Description displays Alphanumeric for the TAX Data Item from the Data Dictionary. The Non-mask Display and Mask Display fields demonstrate how the value is presented when unmasked or masked.

6. After setting up the Masking Definition for the TAX Data Item, you must create the Database Field Level Security record.

   • First, establish the IBM Authorization List, which is going to be used on the field to be masked.

   • From the command line, type the following command:

     CRTAUTL

   • Press F4 to access the Create Authorization List screen. In this example, we will use the IBM Authorization List TAXAUTH.

   • Press Enter to create the IBM Authorization List.

   Figure G-4 Create Authorization List screen

   
   Description of "Figure G-4 Create Authorization List screen"
   
   

7. Type the command EDTAUTL TAXAUTH to edit the Authorization List.

   Figure G-5 Edit Authorization List screen

   
   Description of "Figure G-5 Edit Authorization List screen"
   
   

   In this example, the Authorization List Owner, JDEPGMR has *ALL Object Authority. All other users, through *PUBLIC, have *CHANGE rights.

   To set up field masking for users not in group profile JDEPGMR, change *PUBLIC rights to *EXCLUDE and then press Enter.

   Figure G-6 Edit Authorization List screen

   
   Description of "Figure G-6 Edit Authorization List screen"
   
   

8. On Field Level Security (G941), choose Database Field Level Security (P94104).

   Figure G-7 Database Field Level Masking screen

   
   Description of "Figure G-7 Database Field Level Masking screen"
   
   

   To add a Database Field Level Masking (F94104) record the Field Masking Inclusions and the Data Item Masking Definitions records must exist first. Using the records we created in previous steps, complete the fields as follows:

   File Name F0101

   Data File Library FLSTEST

   Field Name ABTAX

   Authorization List TAXAUTH

   Data Item TAX

   Masking Code 11.

9. Press Enter to add the record and then press F9 to Redisplay the record.

   Figure G-8 Database Field Level Masking screen

   
   Description of "Figure G-8 Database Field Level Masking screen"
   
   

   Notice that the Masking Status displays as Inactive since the Field Level Masking has not been Set for the ABTAX field in the file and library combination.

10. On Field Level Masking (G941), choose Field Level Masking Workbench (P98XWB).

    Enter Library Name FLSTEST in the filter field and then press Enter.

    Figure G-9 Field Level Masking Workbench screen

    
    Description of "Figure G-9 Field Level Masking Workbench screen"
    
    

    The F94104 record for the ABTAX field in file F0101 and library FLSTEST displays in the list with a Masking Status of Inactive.

11. Set masking on this ABTAX field in the file and library, using selection Option 4 (Set) and then press Enter.

    Figure G-10 Field Level Masking Workbench screen

    
    Description of "Figure G-10 Field Level Masking Workbench screen"
    
    

12. The following graphic displays the result of setting the Field Level Masking, status is Active.

    Figure G-11 Field Level Masking Workbench screen

    
    Description of "Figure G-11 Field Level Masking Workbench screen"
    
    

G.1 Proof of Field Level Masking Set

To prove Field Level Masking was successfully set on the ABTAX field

1. From the command line on Field Level Masking (G941), type DSPFFD (Display File Field Description) and press F4.

2. Type the File (F0101) and Library (FLSTEST) where the Field Level Masking was set.

   Figure G-12 Display File Field Description screen

   
   Description of "Figure G-12 Display File Field Description screen"
   
   

3. Press Enter to access the Display Spooled File screen.

   Figure G-13 Display Spooled File screen

   
   Description of "Figure G-13 Display Spooled File screen"
   
   

4. In the Find field type ABTAX and press F16.

   Figure G-14 Display Spooled File screen

   
   Description of "Figure G-14 Display Spooled File screen"
   
   

   Note the Field Procedure Name X940000000. This is the indication that the "set" process was successful and the masking is now active for this field.

5. Another way to prove that Field Level Masking is ’Set' on a field is to run an SQL statement.

   From the command line, type STRSQL and then press Enter.

6. From the SQL command line, type the following SQL statement:

   select sys_cname, sys_tname, sys_dname, fldproc from qsys2/sysfields

   Figure G-15 Enter SQL Statements screen

   
   Description of "Figure G-15 Enter SQL Statements screen"
   
   

7. When you run the SQL statement as specified on Step 6, the system displays all the combinations of Fields/Files/Libraries in the entire system that have Field Level Masking applied.

G.2 Test the Masking Field on a Screen and a Report

From Address Book (G01) menu, access Address Book Revisions (V01051). Inquire on Address Number 27 and press F13 (Address Book Control Revisions). Address Number 27 is a record that has a Tax Id.

Review the following graphic of the Address Book Control Revisions (V010513) screen for Address Number 27.

Figure G-16 Address Book Control Revisions screen

Description of "Figure G-16 Address Book Control Revisions screen"

Note that the Tax Id is not masked for the user with access through group JDEPGMR.

The following graphic displays the Address Book Control Revisions (V010513) screen with the Tax ID masked for the user without access through the group JDEPGMR.

Figure G-17 Address Book Control Revisions screen

Description of "Figure G-17 Address Book Control Revisions screen"

The following graphic displays a World Writer report with Address Number 27 and the Tax Id not masked for the user with access through the group JDEPGMR.

Figure G-18 Display Spooled File screen

Description of "Figure G-18 Display Spooled File screen"

The following graphic displays a World Writer report with Address Number 27 and the Tax Id masked for the user without access through the group JDEPGMR.

Figure G-19 Display Spooled File screen

Description of "Figure G-19 Display Spooled File screen"