Updated on 2024-10-28 GMT+08:00

Creating an OBS Masking Task

After creating an OBS masking task, you can mask sensitive information of OBS data.

This section describes how to create an OBS data masking task.

Prerequisites

Constraints

  • DSC does not support the parallel file system of OBS.
  • DSC supports files such as .txt, .log, .xml, .ini, .sql, .inf, .java and .json or files whose mime type starts with text.

Creating and Running an OBS Masking Task

  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project.
  3. In the navigation tree on the left, click . Choose Security & Compliance > Data Security Center .
  4. In the navigation pane, choose Data Asset Protection > Data Masking and click the OBS tab. The OBS Masking page is displayed.
  5. Click and set Sensitive OBS Data Masking to to enable OBS masking.
  6. Click Create Task. On the displayed Configure Data Source page, configure parameters according to Table 1.

    Table 1 Parameter description

    Parameter

    Description

    Task Name

    You can customize the name of a data masking task.

    The task name must meet the following requirements:
    • Contain 1 to 255 characters.
    • Consist of letters, digits, underscores (_), and hyphens (-).

    Select Data Source

    Select a data source. Only OBS is supported.

    Data Source

    OBS Bucket Name: Select an OBS bucket asset name from the drop-down list box.

    OBS File Path: Select an OBS bucket file path from the drop-down list box.

    File Type: Currently, only the text type is supported.

    NOTE:

    Only assets with read and write permissions can use the masking function.

  7. Click Next. The Set Masking Algorithm page is displayed, as shown in Figure 1.

    Figure 1 Setting a masking algorithm for OBS masking tasks
    1. Identification Template: Select an identification template from the drop-down list box.

      If a sensitive data identification rule is disabled in the sensitive data identification template, the corresponding sensitive information is not displayed.

    2. Click the switch in the Status column to disable masking for the sensitive data type.

      If the Status button is disabled, the identification rule is enabled but masking is not performed after identification.

    3. Data masking algorithms:

      By default, Simulation Masking is enabled, ensuring that no information is lost and the data format remains unchanged after masking. For more information on the sensitive data types supported by simulation masking, refer to Simulation Masking. Additionally, you can choose one of the following masking algorithms from the drop-down list:

      Hash: For details, see Hash.

      Character coverage: For details, see Character Masking.

      Keyword replacement: For details, see Keyword Replacement.

      Deletion: For details, see Value Change.

  8. Click Next. The Masking Configuration page is displayed.

    • Traverse Subdirectories: If you enable Traverse subdirectories, the subdirectories in the source directory will be masked.
    • File renaming: If you enable File renaming, masked files will be renamed.
      • File Prefix/File Suffix: Enter a maximum of 16 characters. Only letters, digits, underscores (_), and hyphens (-) are allowed.
      • Example of renaming a file: The original file name is Test.txt, the prefix is DSC_, and the suffix is 1. The renamed file is DSC_Test1.txt.

  9. Click Next. The Data Target Configuration page is displayed, as shown in Figure 2.

    Figure 2 Data Target Configuration - OBS Masking Task
    1. OBS Bucket Name: Select a bucket after masking from the drop-down list box.
    2. OBS File Path: Click and select an OBS file path in the displayed dialog box.

      The path of the target OBS bucket cannot be the same as that of the source OBS bucket or the subdirectory of the source OBS bucket.

  10. Click OK. The OBS masking task is created.
  11. Go to the OBS tab page, locate the target masking task, click Enable/Disable to enable the task, and click Run in the Operation column.
  12. After the task is executed, the system starts to perform masking based on the settings.

Viewing the Status of an OBS Data Masking Task

  • On the OBS page, click to view the masking task status, as shown in Figure 3.

    The task statuses are described as follows:

    • Completed: The data masking task has been successfully executed.
    • Running: The data masking task is being executed.
    • Pending execution: The data masking task is not executed.
    • Stopped: The data masking task has been manually stopped.
    • Failed: The data masking task fails to be executed.
      Figure 3 OBS masking task running status

Editing and Deleting an OBS Data Masking Task

A masking task in the Waiting or Running status cannot be edited or deleted.

  • In the OBS data masking task list, locate the row containing the target data masking task and click Edit in the Operation column to modify masking task information. For details, see Creating and Running an OBS Masking Task.
  • In the OBS data masking task list, click Delete in the Operation column.

    Deleted masking tasks cannot be restored. Exercise caution when performing this operation.