Managing Masking Policies
This section describes how to manage the masking policies for static masking tasks.
In business activities, some enterprise departments need to analyze data for operations. In this case, data must be accessible to these departments even if it is sensitive. To meet this requirement and prevent data leakage, you can create data masking policies to mask sensitive data.
Prerequisites
- A sensitive data identification rule has been created. For details, see Creating Identification Rules.
- A built-in or custom masking algorithm has been created. For details, see Managing Masking Algorithms.
Creating a Data Masking Policy
- On the DataArts Studio console, locate an instance and click Access. On the displayed page, locate a workspace and click DataArts Security.
Figure 1 DataArts Security
- Choose from the left navigation bar, and click Create in the upper part of the displayed page.
Figure 2 Creating a data masking policy
- In the displayed dialog box, set the parameters listed in Table 1 and click OK.
Figure 3 Creating a data masking policy
Table 1 Parameters Parameter
Description
*Policy Name
The name of the policy to be created. Policy names can include only letters, numbers, and underscores (_) and cannot exceed 64 characters.
Description
A description of the policy to be created, which can contain a maximum of 255 characters.
*Status
If the status switch is turned on, the policy is available. If the status switch is turned off, the policy cannot be used.
*Recognition Rules and Masking Algorithm
Sensitive data identification rule and the corresponding masking algorithm
- *Recognition Rules: Select a data identification rule. For details, see Creating Identification Rules.
- Description: Enter a description of the rule.
- *Algorithm Type: Select an algorithm type. For details, see Table 2.
- *Masking Algorithm: Select an algorithm of the selected type. For details, see Table 2.
NOTE:Before using the following masking algorithms, you must configure keys:- HMAC-SHA256 hash algorithm
- DWS column encryption algorithm
For more restrictions on different masking algorithms, see Managing Masking Algorithms.
Related Operations
- Editing a masking policy: On the Masking Policies page, locate a policy and click Edit in the Operation column.
- Setting the masking policy status: A masking policy is enabled by default. If a data masking policy is disabled, it cannot be used by static data masking tasks.
To change the status of a data masking policy, click
or 
to enable or disable the policy.
Masking policies used by static masking tasks cannot be disabled.
- Deleting masking policies: On the Masking Policies page, locate a policy and click Delete in the Operation column. To delete multiple policies, select them and click Delete above the list.
Policies used by static masking tasks cannot be deleted. To delete such policies, modify the reference relationship first.
The deletion operation cannot be undone. Exercise caution when performing this operation.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
