Data Masking Configuration Integration Point
This integration supports configuration of fields and their associated transformation functions for the Data Masking Process.
This integration point only supports message-based communication.
- Endpoint
http://[hostName]:[portNumber]/[api-context-root]/datamaskingdefinitions/
Data Model
Each entry in the data masking configuration has:
Field | Description |
---|---|
Entity Name | The name of the entity, for example, Person, Address, etc. |
Object Usage Name | The usage name for a dynamic field, a dynamic record, or a fixed field on the entity. |
Record Object Usage Name | The usage name of a field that is part of a dynamic record (this is applicable when the object usage name is a dynamic record). |
Transformation Category | The transformation function for the masking process. |

The transformation category that you select must align with the data type of the object usage name or the record object usage name.
Supported Operations
This integration point supports:
- Adding a new entity to the masking configuration using an HTTP POST request.
- Updating the configuration for an entity using an HTTP PUT operation.
Add a New Entity
To add a new entry to the data transformation and masking process, send the following request with the sample request payload:
POST: http://[hostName]:[portNumber]/[api-context-root]/datamaskingdefinitions/
{
"entityName": "Person",
"objectUsageName": "medicareCard",
"recordObjectUsageName": "cardNumber",
"transformationCategory": "TXTHASH"
}
The above payload creates a configuration for the cardNumber field on the medicareCard dynamic record of the Person entity using the TXTHASH transformation function.
Update Configuration for an Entity
To update the configuration, send the following request with the sample request payload:
PUT: http://[hostName]:[portNumber]/[api-context-root]/datamaskingdefinitions/{id}
{
"transformationCategory": "TXTHASH"
}
This is a sample payload; create your own payload based on the fields you want to mask.
Transformation Functions
The application provides several built-in transformation functions for the masking process, based on the data type of the field:
Text Fields
Transformation Function Name | Description | Before | After |
---|---|---|---|
TXTHASH (Text hash with seed) | This function applies the SHA-1 hash algorithm and truncates the output to match the maximum length of the associated field. For extra security, this function concatenates a user-configured seed value with the input text before passing the value to the hash function. You can even use this function to replicate the transformation outside the Oracle Health Insurance application. | 123456789 | x8dtyqbfDPS[vub_EvtY4bdbvDsuFB3T |
TXTRPL (Simple text replacement) | This function replaces the field value with the field name. Only recommended for non-unique columns. | A dynamic record with column name as | Replaces the stored values with the usage name, like the firstName in the example. |
TXTRNDPSF (Random replace, preserves size format) | This function replaces the field value with a random value in the same format. The function replaces letters with letters, numbers with numbers, and preserves special characters. | AA-A001B | TY-U765C |
TXTRNDRPL (Text random replace) | This function replaces the field value with a random character string of the same size. | John | DSGadjgadv8eog90 |
Number Fields
Transformation Function Name | Description | Before | After |
---|---|---|---|
NUMHASHADD / NUMHASHCON (Hash with seed add/concatenate) | This function applies the SHA-1 hash algorithm and truncates the output to match the maximum length of the associated field. For extra security, this function concatenates a user-configured seed value with the input text before passing the value to the hash function. You can even use this function to replicate the transformation outside the Oracle Health Insurance application. | 10 | 93275 |
NUMNP (Nearest Prime) | This function replaces the value with the nearest, smaller prime number. | 20 | 17 |
NUMRNDPSF (Random preserve format) | This function replaces the number with a random number, preserving the format. | 10.99 | 24.65 |
Date Fields
Transformation Function Name | Description | Before | After |
---|---|---|---|
DATEDMYS (Day, month and year shift) | Day - Sets to 1 | 2022-05-26 | 2020-06-01 |
DATEDMS (Day and month shift) | Day - Sets to 1 | 2022-05-26 | 2022-06-01 |
DATEMPS (Day with partial month shift) | Day - Sets to 1 | 2022-04-26 | 2022-05-01 |
DATEDS (Day shift) | Day - Sets to 1 | 2022-04-26 | 2022-04-01 |
DATERNDS (Random Date) | Day = 1-28; Month = 1-12 | 2022-04-26 | 2032-01-24 |

The values for Before and After columns under the Text, Number, and Date fields are sample values.
Other Functions
Transformation Function Name | Description |
---|---|
SETNULL (Set to Null) | Sets the value to |
SETDEFAULT (Set to Default) | Only available for Gender field, sets the value to unknown |

We recommend using TXTHASH for string fields and NUMHASHADD or NUMHASHCON for number fields to mask data from unique fields such as code on a Person, Policies, and so on.
This prevents any unique constraint errors during the masking process.
It also keeps the values consistent while masking data for the same fields across multiple entities, for example, policyCode for Policy, PolicyEnrollmentEvent, and EnrollmentFilePolicy.
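The consistency property described above, as an added example that is not Oracle's code: a seeded SHA-1 mask gives the same masked policyCode in every entity, and a check reports whether truncation to the field length makes distinct codes collide. The seed-first order, UTF-8 input, and hex output are assumptions (the page does not state the product's encoding), and the table data and function names are constructed for illustration.

```python
import hashlib

def txt_hash(value, seed, max_len):
    """Seeded SHA-1 mask truncated to the field length.

    Assumptions, not stated on the page: the seed is prepended, text is
    UTF-8, and the digest is hex-encoded. The product's output differs.
    """
    digest = hashlib.sha1((seed + value).encode("utf-8")).hexdigest()
    return digest[:max_len]

def mask_tables(tables, seed, max_len):
    """Mask the policyCode values of every entity with the same seed."""
    return {name: [txt_hash(code, seed, max_len) for code in codes]
            for name, codes in tables.items()}

def truncation_collisions(values, seed, max_len):
    """Return groups of distinct inputs that share one masked value."""
    seen = {}
    for v in set(values):
        seen.setdefault(txt_hash(v, seed, max_len), []).append(v)
    return [sorted(group) for group in seen.values() if len(group) > 1]

# Constructed sample data: policyCode as it appears in three entities.
TABLES = {
    "Policy": ["POL-1001", "POL-1002", "POL-1003"],
    "PolicyEnrollmentEvent": ["POL-1002", "POL-1001"],
    "EnrollmentFilePolicy": ["POL-1003"],
}

if __name__ == "__main__":
    masked = mask_tables(TABLES, seed="example-seed", max_len=30)
    for entity, codes in masked.items():
        print(entity, codes)
    # An empty list means the unique constraint on Policy.code still holds.
    print(truncation_collisions(TABLES["Policy"], "example-seed", 30))
```

Run the collision check with the real column length before masking a unique column; a short field leaves fewer distinct masked values than the full digest.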
Native Fields
To protect the integrity of the application, only the native fields listed below are part of the masking process.
All the dynamic fields and dynamic records are part of the masking configuration. We recommend that you exclude any dynamic fields for the tables to be purged as part of the Data Masking Process.
Entity Name | Object Usage Name | Data Type | Mandatory/Unique |
---|---|---|---|
Person | dateOfBirth | Date | Mandatory |
Person | endDate | Date | |
Person | code | String | Unique |
Person | emailAddress1 | String | |
Person | emailAddress2 | String | |
Person | faxNumber | String | |
Person | firstName | String | |
Person | gender | String | |
Person | initials | String | |
Person | middleName | String | |
Person | name | String | Mandatory |
Person | namePartner | String | |
Person | phoneNumberBusiness | String | |
Person | phoneNumberMobile | String | |
Person | phoneNumberPrivate | String | |
Person | policyGid | String | |
Person | suffix | String | |
Address | additionalPart1 | String | |
Address | additionalPart2 | String | |
Address | additionalPart3 | String | |
Address | city | String | |
Address | numberAddition | String | |
Address | postalCode | String | |
Address | street | String | |
RelationIdentifier | identifier | String | Mandatory |
BankAccountNumber | bankAccountNumber | String | Mandatory |
BankAccountNumber | bankAccountNumberDebit | String | |
BankAccountNumber | specialName | String | |
TaskAttribute | valueChar | String | |
TaskAttribute | valueDate | Date | |
Policy | code | String | Mandatory |
PolicyEnrollmentProduct | startDate | Date | Mandatory |
PolicyEnrollmentProduct | endDate | Date | |
InterfacedMessage | correlationId | String | |
PolicyEnrollmentEvent | policyCode | String | |
GroupClientEvent | policyCode | String | |
EnrollmentFilePolicy | policyCode | String | Mandatory |
PolicyIdentifier | identifier | String | Unique |
Response Messages
The application creates the response messages in response to the request messages it receives from external interfaces. Please refer to the "Response Messages" section in the HTTP API/IP Concepts as part of the Developer Guide for more details.
Error Messages
The following error messages are specific to the data masking definition integration point.
Code | Severity | Message Text |
---|---|---|
DID-IP-CNFG-001 | Fatal | Invalid entity name {entityName} |
DID-IP-CNFG-002 | Fatal | For the {entityName} entity name, invalid object usage name {objectUsageName} defined or the object usage name {objectUsageName} cannot be part of the data masking process |
DID-IP-CNFG-003 | Fatal | Invalid record object usage name {recordObjectUsageName} for the {objectUsageName} object usage name |
DID-IP-CNFG-004 | Fatal | {recordObjectUsageName} cannot be added as a record object usage name for {objectUsageName} object usage name as {objectUsageName} is not a dynamic record |
DID-IP-CNFG-005 | Fatal | Record object usage name is required for {objectUsageName} object usage name, record object usage name must be defined for a dynamic record |
DID-IP-CNFG-006 | Fatal | {objectUsageName}/{recordObjectUsageName} cannot be added, flex codes, start dates and end dates not allowed |
DID-IP-CNFG-007 | Fatal | Transformation category does not match the attribute definition |
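
A pre-flight check for definition payloads, as an added example that is not part of the product or its documentation: it flags the data-type mismatch behind DID-IP-CNFG-007 and the page's recommendations before a POST or PUT is sent. NATIVE_FIELDS is a hand-copied subset of the native-field table above, and the function name and the LINT-* codes are hypothetical names introduced here.

```python
# Added example: offline lint for masking definitions (not Oracle code).
# NATIVE_FIELDS is a subset of the native-field table on this page:
# (entity, usage name) -> (data type, constraint)
NATIVE_FIELDS = {
    ("Person", "dateOfBirth"): ("Date", "Mandatory"),
    ("Person", "code"): ("String", "Unique"),
    ("Person", "gender"): ("String", ""),
    ("Person", "firstName"): ("String", ""),
    ("Policy", "code"): ("String", "Mandatory"),
    ("PolicyIdentifier", "identifier"): ("String", "Unique"),
}
# Function -> data type, following the page's Text/Number/Date grouping.
CATEGORY_TYPE = {
    "TXTHASH": "String", "TXTRPL": "String", "TXTRNDPSF": "String", "TXTRNDRPL": "String",
    "NUMHASHADD": "Number", "NUMHASHCON": "Number", "NUMNP": "Number", "NUMRNDPSF": "Number",
    "DATEDMYS": "Date", "DATEDMS": "Date", "DATEMPS": "Date", "DATEDS": "Date", "DATERNDS": "Date",
}
UNTYPED = {"SETNULL", "SETDEFAULT"}  # listed under "Other Functions"


def lint_definition(defn):
    """Return a list of (code, message) findings for one definition payload."""
    findings = []
    entity = defn.get("entityName")
    usage = defn.get("objectUsageName")
    category = defn.get("transformationCategory")
    if entity not in {e for e, _ in NATIVE_FIELDS}:
        return [("DID-IP-CNFG-001", f"Invalid entity name {entity}")]
    if category not in CATEGORY_TYPE and category not in UNTYPED:
        return [("LINT-UNKNOWN-CATEGORY", f"{category} is not a listed function")]
    field = NATIVE_FIELDS.get((entity, usage))
    if field is None:
        # Dynamic fields and records are not in the native table; type is unknown offline.
        return [("LINT-DYNAMIC", f"{usage} is not a known native field; verify its type")]
    data_type, constraint = field
    if category == "SETDEFAULT" and usage != "gender":
        findings.append(("LINT-SETDEFAULT", "SETDEFAULT is only available for gender"))
    elif category in CATEGORY_TYPE and CATEGORY_TYPE[category] != data_type:
        findings.append(("DID-IP-CNFG-007", "Transformation category does not match the attribute definition"))
    if constraint == "Unique" and data_type == "String" and category != "TXTHASH":
        findings.append(("LINT-UNIQUE", f"{entity}.{usage} is unique; the page recommends TXTHASH"))
    return findings
```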