The following points provide additional information to assist in your masking configuration:
If the demonstration database includes a Data Masking feature configuration, review the settings because it will probably contain masking rules that will match your own.
On data input pages, a user might be able to enter or change masked data, such as a bank account number, but not be able to subsequently see what they added or changed.
External systems can request information by performing a service call via XAI. Please keep in mind that some XAI requests require data to be masked and some do not. For example, a request from an external system to synchronize person information needs the person's social security number unmasked; whereas a request from a web self service application to retrieve the same person information for display purposes needs the person's social security number masked. To implement this type of requirement, different users must be associated with each of the requests and these users must belong to separate user groups with different access rights.
If a maintenance object (MO) contains a CLOB field that holds an XML document and a service call invokes the MO's service program directly, the system will mask individual XML elements in the CLOB if a Determine BO algorithm has been plugged into the maintenance object and the element(s) in the respective BO schema have been secured as described above.
Copyright © 2000, 2015, Oracle and/or its affiliates. All rights reserved. Documentation build: 2.19.2015 16:18:51 [F1_1424305131000]