Data Masking Process

The process to mask operational data comprises two steps:

  • Transforming identifiable data based on the data masking configuration.

  • Purge the data from the entities.

Run the Database Package

Prerequisites

Create a backup of the source environment.

Run the Database Package

To run the package, perform the following steps:

  1. Create a PDB clone of the source environment.

  2. Confirm whether the package runs on the newly-cloned environment and not on the source environment.

  3. Run the package on the cloned PDB using the following command. You need ohi_<app>_owner privileges to run the package.

    exec ohi_data_masking_pkg.mask_data_parallel(<parameter 1>, <parameter 2>, '<parameter 3>', <parameter 4>, '<parameter 5>');

    Where:

    • The parameter 1 and 2 contain seed values for NUMHASHADD and NUMHASHCON transformation functions.

    • The parameter 3 contains a seed value for the TXTHASH function.

    • The parameter 4 is optional and contains the commit frequency with a default value of 5000.

    • The parameter 5 is optional and contains a Yes (Y) or No (N) values to enable the logging process. The application has the logging process as disabled by default.

    Following are the sample commands to run the masking package:

    exec ohi_data_masking_pkg.mask_data_parallel(999 ,987, 'sometext');
    exec ohi_data_masking_pkg.mask_data_parallel(999 ,987, 'sometext', 10000, N);
  4. Create an export of the masked schema.

  5. Deploy the application by following the instructions in the Installation Guide to install the application on the server with the masked schema.

Data Transformation Process

Step 1: Mask Data

  1. The process starts to transform data based on the configuration from the Data Masking Configuration Integration Point.

  2. The process resets the audit columns for the transformed or updated rows, like Created By, Creation Data, Last Updated By and Last Updated Date columns of a table.

Step 2: Purge Data

The application purges the data from the entities listed below.

Entities

List of entities that purge completely for this process:

Table 1. Tables
Used For Entity Name

Extracts

Extract

Notes

Note
NoteMaster
GroupAccountNote
GroupAccountNoteMaster
GroupClientNote
GroupClientNoteMaster

Financial Details

FinancialTransaction
FinancialTransactionSet
FinancialTransactionDetail
FinancialTransactionProcessData
FinancialTransactionDetailProcessData
FinancialGroupingCombination
FinancialTransactionSetActivity
FinancialSubjectRegistration
FinancialBulkingGroupActivity
GenerateAccountingDetailMessage
BaseFinancialObject
BaseFinancialObjectActivity
FinancialHold
Registration
RegistrationActivity
RegistrationInvoice
AccountingDetail
AccountingDetailGrouping
CreateAccountingDetailFinancialTransaction
CreateAccountingDetailRegistration
CreateAccountingDetailFinancialTransactionGroupAccount

Policy Update Requests

PolicyUpdateRequest
PolicyUpdateRequestActiviy
PolicyUpdateRequestStatusHistory
PolicyUpdateRequestNotification
PolicyUpdateRequestErrorDetail
ImportPolicyUpdateRequest

Logs

LogApplicationEvent
LogDynamicLogicEvent
LogPHIEvent

Other Tables

InterfacedMessageDetail
OutboundMessage
AggregateChangeEvent
Bookmark
MacroHistory
ImportPolicy
PolicyActivity
GroupClientEvent
EnrollmentFilePolicy
EnrollmentEventNotification
SourceReplicationEvent
TargetReplicationEvent
OAuthAssertionJWTBearerGrantConfiguration
OAuthClientConfigurationParameter
OAuthGrantConfiguration
OAuthParameter

NOTE

In addition to the above entities, few other technical tables including the Financial processing related technical tables are also part of the purge process

Properties

List of the properties set to null as part of this process:

Entity Name

Properties

Activity

correlationId
descr
extraInfo
internalRemarks
subjectId

ActivityMessage

value0..value9

PolicyMessage

value0..value9

GroupClientMessage

value0..value9

PolicyEnrollmentEvent

value0..value9

PolicyEvent

changeLog

Activity

extraInfo

Task

extraInfo
context
correlationId
subjectCode

TaskAttribute

valueChar
valueClob
valueNr

InterfacedMessage

correlationId
requestMessage
responseMessage

DataFile

File data

PolicyAccountTransaction

descr

Address

houseNumber