Skip to Content

Data Disguise in Other File-AID Products

Data privacy rules defined within the File-AID Data Privacy interface are applied to data from each of the other File-AID products. Each of these products includes an option to disguise data. When use dynamic privacy rules is selected, any rules which apply to the data being disguised will be applied.

Listed below are the File-AID products that can use data privacy shared rules and the type of data they can disguise:

There are two different ways in which data privacy rules can be defined and applied to data by the File-AID products: imbedded privacy rules and dynamic privacy rules. The differences between imbedded privacy rules and dynamic privacy rules are in the approach to privacy.

Imbedded Privacy Rules

Imbedded privacy rules have been part of the mainframe File-AID products for many years.

For imbedded privacy rules, disguise criteria must be defined for every object that is to be disguised. If social security number needs to be disguised, and there is a social security number in 50 different files, the rule to disguise social security number would have to be defined 50 times.

Imbedded privacy rules continue to be available within each of the File-AID products and will produce the same results as they did previously.

Dynamic Privacy Rules

Dynamic privacy rules are a more recent addition to the Data Privacy solution.

For dynamic privacy rules, the rule to disguise social security number is defined once and is then applied to all 50 objects. At disguise execution time, the metadata for the objects to be disguised is passed to the criteria builder component to create disguise criteria that are specific to the object being disguised. All disguise criteria are constructed at execution time and are not stored. Criteria are built specifically for the object being disguised.

The criteria builder component uses the data element definition to identify the source fields for each data element. When the source data identifier within the data element matches the field or column definition, the field is identified as being that data element. Whatever rules are defined for the identified data element are then built by the criteria builder for that specific field in that specific object.

Each File-AID product has an option to apply dynamic privacy rules; this requires that the repository and project to be used as the source of the disguise rules be identified. There is an option to list the available repositories and projects so that the appropriate project can be selected for the disguise request.

You must be careful to select the correct project so that the appropriate disguise rules will be used. Each project is designed to handle certain metadata based on its source data identifier definitions. Any metadata passed to the project is disguised based on the project definition. If you select the wrong project and that project is not expecting the metadata, results may not be acceptable, data may not be disguised, or data may be disguised incorrectly.

It is possible to preview which rules will be selected for metadata by using the Coverage feature available in the Data Privacy interface. Displaying coverage requires that metadata be defined to the project, but there is no requirement to preview coverage against any metadata.

Results

The results of disguising data with dynamic privacy rules will be different from the results of disguising data with imbedded disguise rules. The different results are due to coding changes required to deliver consistent results across data types and to handle international data.

Execution reports from each of the File-AID products will report on the use of dynamic privacy rules. The report identifies the repository and project used as a source of the rules, as well as data element and rule identification.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Compuware Topaz Workbench 20.10