2.17.2 Create data redaction policy
Once the data masking details are defined and stored in the database, you need to create a data redaction policy which facilitates for field level masking while displaying the details to the respective user. A data redaction policy file contains the policies on the columns enabled in the Data Masking Details screen.
To create data redaction policy
Table 2-78 Create data redaction policy
| Set Code | Description | Job Code |
|---|---|---|
| SET-RED | POLICY CREATION FOR PERSONAL IDENTIFIABLE INFORMATION DATA | REDPRC_BJ_100_01 |
This batch job can either be scheduled for regular run or executed on-demand and facilitates to generate data redaction policy picking only the enabled data masking field information from database. On every run, the batch job drops and re-creates new set of policies in the file based on the details updated in Data Masking Details screen.
- if the value of system parameter CMN_FILE_PROCESS_TO_LOB is set to Y, the policy file is generated in CLOB and can be accessed by navigating to DashBoard > Process Files screen. For more information on handling Incoming/Outgoing process files, refer to Dashboard section in User Guides.
- If the value of system parameter CMN_FILE_PROCESS_TO_LOB is
N, the policy is generated as an sql file and stored
in the repository path as defined in the system parameter -
CMN_SERVER_HOME. For example,
/scratch/OFSLL/<release>/sql.
Note:
For every change in the data masking details such as masking additional fields or unmasking / disabling masked fields, a new policy is to be created by executing the batch job.Parent topic: Data Masking