1. Administration and Configuration Guide
  2. Data Security and Data Privacy
  3. Data Redaction
  4. Data Redaction Utility

Data Redaction Utility

This utility can be executed by running the seeded Batch with Batch Name as “##INFODOM##_DATA_REDACTION” if it is available as part of application common metadata. If it is not available, you have to create a new Batch as mentioned in the Creating Batch for Executing Data Redaction Utility section.

The task in the Batch has three parameters: dataredaction.sh, true/false and OFSAA User ID.

  • true/false flag
    • False- By default, false is seeded. False indicates policy scripts will be generated and executed.
    • True- Specify true to generate policy scripts, but will not be executed. You can use this option if the logged-in user does not have script execution rights on Atomic Schema. See Executing Data Redaction utility with TRUE flag section to execute the scripts later.
  • User ID - OFSAA user who is the batch owner

Note the following:

If any application specific database roles are granted to Atomic Schema, they should be granted as default roles after enabling data redaction.

Alter user << atomic schema user >> default role <<role1>>, <<role2>>.

For example, RQADMIN database role is granted to Atomic Schema user for ORE executions. In this case, post enabling data redaction, RQADMIN should be granted as a default role to Atomic Schema.

Alter user <<atomic schema user>> default role RQADMIN