Create a New Rule

A rule is a logical entity specifying how data elements act to disguise any data. The rule can include both rule actions and rule logic. The first rule action can be created when creating the rule, but all other actions and rule logic must be created by editing the rule after it is created.

Rule actions determine what will happen when the rule is executed and are required to complete a disguise rule when Next was selected during rule creation. If this rule does not require any rule actions because the disguise will be handled by rule logic, you can click Back to return to the Create New Rule dialog box and then click Finish to complete the rule. See Data-Privacy-Rule-Actions for a description of the different types of rule actions and how to use them.

A rule can be created as a global rule to be used by multiple projects, or it can be created specifically for a local project and used only by that project. The role assigned to a user determines who can add a new rule to a project.

Important

If you create a global rule (within the global project), that rule can only be updated in the global project. You cannot update the global rule (for example, add a rule action) from within a local project.

To create a new data privacy rule:

Open the desired repository and project.
Click the Rules tab. The Rules view appears listing all of the rules currently available for this project in the Rule List portion of the view.
Click Add. The Create New Rule dialog box appears.
Enter a Rule name and optional Description.
Select the type of rule actions to create: Format Preserving Encryption, Translation, Composite, or Overloaded.
If None is selected and you click Finish, an empty rule will be saved and will appear in the Rule List within the rule editor. Edit the rule to change the name and description of the empty rule. Use the Edit button to access the rule for editing.
If you selected Format Preserving Encryption, the Format Preserving Encryption Action dialog box appears.
1. Enter a name for the rule action in the Action name field.
2. In the Encryption Key section, either select Managed key and choose one from the adjacent drop-down list, or select Enter key value and type a value in the adjacent field. The key entered can be viewed by checking the Display key value box.
3. In the Action section, select Encrypt or Decrypt.
4. In the Project Resources section, select the data elements or variables to be included in the rule action. You may optionally enter a field mask for selected items. For more information about field masks, see Field-Mask-Processing.
5. Expand the Advanced section if changes are needed for code page or custom encryption routines.
  - If you need to use a code page other than the default, select one from the Code Page to be used for this encryption drop-down list. Choosing a code page is only required when your source data doesn't match the default code page. For example, DBCS data requires a different code page than English data requires.
  - If you need to use a custom encryption routine, select one from the Custom Encryption Routine drop-down list. All custom encryption routines must be registered before being used. Use the Resource Administration task for Manage Custom Functions to register your custom encryption routine.
6. Click Finish. The disguise rule and its rule action appear in the Rule List and Rule Actions list.
If you selected Translation, the Translation Rule Action dialog box appears. This type of rule action replaces data to be disguised with data from a previously created translate table. For more information, see Translation-Rule-Actions.
1. Enter a name for the rule action in the Action name field.
2. Choose a Translate table from the drop-down list.
3. Choose an Access path from the drop-down list. Available translate table data is listed in the Translate Table Properties section.
4. Click Next to continue defining the Translation rule action; the next pages you see will vary based on the access path selected. See the topics listed in Translation-Rule-Actions for more details.
If you selected Composite, the Composite Rule Action dialog box appears. This type of rule action disguises parts of data within a column. For more information, see Composite-Rule-Actions.
1. Enter a name for the rule action in the Action name field.
2. Choose a project Resource from the Project resource drop-down list. This is the target that action will act upon.
3. Type the Field mask (optional) if necessary. See the topics listed in Field-Mask-Processing for more details.
4. Click Next to continue defining the composite rule action. In the next pages, you have the option to change the rule action name, if necessary. You will select composite definition and map data items to data elements. See Composite-Rule-Actions for more details.
If you selected Overloaded, the Overloaded Rule Action dialog box appears. This type of rule action disguises data based on conditions defined in the Overloaded-Rule-Actions.
1. Enter a name for the rule action in the Action name field.
2. Choose a project resource from the Project resource drop-down list. This selected resource is the target resource that rule will act upon.
3. Type the Field mask (optional) if necessary. See the topics listed in Field-Mask-Processing for more details.
4. Click Next to continue defining the overloaded rule action. In the next pages, you have the option to change the rule action name, if necessary. You will add conditions using the Build to add expression using Expression Builder. See the topics listed in Overloaded-Rule-Actions for more details.

If you need to create any rule variables or rule logic for your rule, see Create-a-New-Rule-Variable or Create-a-New-Expression-with-the-Expression-Builder for details.

After your rule is complete, you can view a summary of the rule information by clicking the Summary button. When the Summary window is open, you can print the rule summary, if desired.

Create a New Rule

On this page