Examine the list of masked fields and look for "logical fields".
For example, assume your list contains the following masked fields:
The Person - Main page retrieves information using the person page service. This page contains a grid that contains the various forms of ID associated with the person. Entries in the grid with an ID Type of "Social Security Number" are subject to masking.
The Control Central - Main page retrieves data by invoking a search service. This service shows a person's primary form of ID in the search results. If a person's primary ID is their social security number then it is subject to masking.
The Control Central - Account Information page contains a map zone that retrieves data by invoking a service script. One of the elements in this script's schema holds the person's social security number and it is subject to masking.
In the above example, there is a single "logical field" associated with the three secured elements: the social security number.
Examine your list and define the distinct logical fields. For each one, create a security type with two authorization levels:
1 - Can only see the element masked
2 - Can only see the element unmasked
You should link all of the security types to an application service of your choosing. We recommend linking every masking-oriented security type to a single application service (e.g., CM_MASK) as it makes granting access easier.
Copyright © 2007, 2016, Oracle and/or its affiliates. All rights reserved. Documentation build: 2.5.2016 10:21:45 [T1_1454696505000]