vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/dbss/umn/dbss_01_0266.html
Li, Qiao 6eff629de3 First upload for DBSS UMN. 
Reviewed-by: Belejkanic, Lukas <lukas.belejkanic@t-systems.com>
Co-authored-by: Li, Qiao <qiaoli@huawei.com>
Co-committed-by: Li, Qiao <qiaoli@huawei.com>
2023-08-07 08:50:48 +00:00

63 lines
10 KiB
HTML
Raw Blame History

<a name="dbss_01_0266"></a><a name="dbss_01_0266"></a>
<h1 class="topictitle1">Configuring Privacy Data Protection Rules</h1>
<div id="body1563503150348"><p id="dbss_01_0266__p37991251131819">To mask sensitive information in entered SQL statements, you can enable the function of masking privacy data and configure masking rules to prevent sensitive information leakage.</p>
<div class="section" id="dbss_01_0266__section441811405410"><h4 class="sectiontitle">Prerequisites</h4><ul id="dbss_01_0266__ul37211429298"><li id="dbss_01_0266__li1610855617422">Database audit has been enabled.</li></ul>
</div>
<div class="section" id="dbss_01_0266__section1466435124817"><h4 class="sectiontitle">Procedure</h4><ol id="dbss_01_0266__ol18449141653"><li id="dbss_01_0266__li108671927123816"><span>In the navigation tree, choose <strong id="dbss_01_0266__b5784648103219">Rules</strong>.</span></li><li id="dbss_01_0266__li168521066525"><span>In the <strong id="dbss_01_0266__b189721511411">Instance</strong> drop-down list, select the instance whose privacy data protection rule is to be configured.</span></li><li id="dbss_01_0266__li4174122125815"><span>Click the <strong id="dbss_01_0266__b2853112917425">Privacy Data Protection</strong> tab.</span><p><div class="note" id="dbss_01_0266__note8854192315450"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="dbss_01_0266__p38556230450">Only user-defined rules can be edited and deleted. Default rules can only be enabled and disabled.</p>
</div></div>
</p></li><li id="dbss_01_0266__li458115833812"><span>Enable or disable <strong id="dbss_01_0266__b1284645717417">Store Result Set</strong> and <strong id="dbss_01_0266__b1382620514">Mask Privacy Data</strong>.</span><p><ul id="dbss_01_0266__ul1916125416387"><li id="dbss_01_0266__li18577163614463"><strong id="dbss_01_0266__b249315111152">Store Result Set</strong><p id="dbss_01_0266__p15368195294617">You are advised to disable <span><img id="dbss_01_0266__image174180192155" src="en-us_image_0000001193982039.png"></span>. After this function is disabled, database audit will not store the result sets of user SQL statements.</p>
<p id="dbss_01_0266__p168981314185919">Do not enable this function if you want to prepare for PCI DSS/PCI 3DS CSS certification.</p>
</li><li id="dbss_01_0266__li1657713366462"><strong id="dbss_01_0266__b128507713817">Mask Privacy Data</strong><p id="dbss_01_0266__p3976640144412">You are advised to enable <span><img id="dbss_01_0266__image1924411591447" src="en-us_image_0000001530562784.png"></span>. After this function is enabled, you can configure masking rules to prevent privacy data leakage.</p>
</li></ul>
</p></li><li id="dbss_01_0266__li18302144115014"><span>Click <strong id="dbss_01_0266__b15744178584">Add Rule</strong>. In the displayed <strong id="dbss_01_0266__b1174151717587">Add Rule</strong> dialog box, set the data masking rule, as shown in <a href="#dbss_01_0266__fig45721822818">Figure 1</a>. For details about related parameters, see <a href="#dbss_01_0266__table4295843716304">Table 1</a>. </span><p><div class="fignone" id="dbss_01_0266__fig45721822818"><a name="dbss_01_0266__fig45721822818"></a><a name="fig45721822818"></a><span class="figcap"><b>Figure 1 </b>Add Rule dialog box</span><br><span><img id="dbss_01_0266__image886816333474" src="en-us_image_0000001531043744.png"></span></div>
<div class="tablenoborder"><a name="dbss_01_0266__table4295843716304"></a><a name="table4295843716304"></a><table cellpadding="4" cellspacing="0" summary="" id="dbss_01_0266__table4295843716304" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Rule parameters</caption><thead align="left"><tr id="dbss_01_0266__row4338993216304"><th align="left" class="cellrowborder" valign="top" width="21%" id="mcps1.3.3.2.5.2.2.2.4.1.1"><p id="dbss_01_0266__p2492361616304">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="61%" id="mcps1.3.3.2.5.2.2.2.4.1.2"><p id="dbss_01_0266__p554697916304">Description</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.3.2.5.2.2.2.4.1.3"><p id="dbss_01_0266__p4665219216304">Example Value</p>
</th>
</tr>
</thead>
<tbody><tr id="dbss_01_0266__row1332204111319"><td class="cellrowborder" valign="top" width="21%" headers="mcps1.3.3.2.5.2.2.2.4.1.1 "><p id="dbss_01_0266__p33321041237">Rule Name</p>
</td>
<td class="cellrowborder" valign="top" width="61%" headers="mcps1.3.3.2.5.2.2.2.4.1.2 "><p id="dbss_01_0266__p153321841736">Name of a rule</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.3.2.5.2.2.2.4.1.3 "><p id="dbss_01_0266__p1467665173912">test</p>
</td>
</tr>
<tr id="dbss_01_0266__row177601257112915"><td class="cellrowborder" valign="top" width="21%" headers="mcps1.3.3.2.5.2.2.2.4.1.1 "><p id="dbss_01_0266__p137601957182910">Regular Expression</p>
</td>
<td class="cellrowborder" valign="top" width="61%" headers="mcps1.3.3.2.5.2.2.2.4.1.2 "><p id="dbss_01_0266__p17760145712293">Regular expression that specifies the sensitive data pattern</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.3.2.5.2.2.2.4.1.3 "><p id="dbss_01_0266__p1076010574298">-</p>
</td>
</tr>
<tr id="dbss_01_0266__row0860165713317"><td class="cellrowborder" valign="top" width="21%" headers="mcps1.3.3.2.5.2.2.2.4.1.1 "><p id="dbss_01_0266__p12331342414">Substitution Value</p>
</td>
<td class="cellrowborder" valign="top" width="61%" headers="mcps1.3.3.2.5.2.2.2.4.1.2 "><p id="dbss_01_0266__p17861057634">Value used to replace sensitive data specified by the regular expression</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.3.2.5.2.2.2.4.1.3 "><p id="dbss_01_0266__p198613573313">###</p>
</td>
</tr>
</tbody>
</table>
</div>
</p></li><li id="dbss_01_0266__li131732038132810"><span>Click <span class="uicontrol" id="dbss_01_0266__uicontrol412194462212"><b>OK</b></span>.</span><p><p id="dbss_01_0266__p1821392054316">A masking rule in the <strong id="dbss_01_0266__b1234921310231">Enabled</strong> status is added to the rule list.</p>
</p></li></ol>
</div>
<div class="section" id="dbss_01_0266__section12595165223"><h4 class="sectiontitle">Verifying a Rule</h4><p id="dbss_01_0266__p175901841102114">Perform the following steps to check whether a rule takes effect. The audit information about passport No. in a MySQL database is used as an example.</p>
<ol id="dbss_01_0266__ol729879165"><li id="dbss_01_0266__li0294761612"><span>Enable <strong id="dbss_01_0266__b858905201316">Mask Privacy Data</strong>, and ensure the "Passport NO." masking rule is enabled, as shown in <a href="#dbss_01_0266__fig10156628163415">Figure 2</a>.</span><p><div class="fignone" id="dbss_01_0266__fig10156628163415"><a name="dbss_01_0266__fig10156628163415"></a><a name="fig10156628163415"></a><span class="figcap"><b>Figure 2 </b>Enabling privacy data protection</span><br><span><img id="dbss_01_0266__image11126531174915" src="en-us_image_0000001581444553.png"></span></div>
</p></li><li id="dbss_01_0266__li4441161113134"><span>Log in to the database as user <strong id="dbss_01_0266__b181401538172818">root</strong> through the MySQL database client.</span></li><li id="dbss_01_0266__li27071831144718"><span>On the database client, enter an SQL statement.</span><p><p id="dbss_01_0266__p172682719191"><strong id="dbss_01_0266__b1529595591920">select</strong> <strong id="dbss_01_0266__b1962130192014">* from db where HOST=</strong>"<i><span class="varname" id="dbss_01_0266__varname6633145172015">Passport NO.</span></i>";</p>
</p></li><li id="dbss_01_0266__li1258210924010"><span>In the navigation pane, choose <strong id="dbss_01_0266__b1184553019313">Dashboard</strong>.</span></li><li id="dbss_01_0266__li363113791716"><span>In the navigation tree on the left, choose <span class="uicontrol" id="dbss_01_0266__uicontrol11375363633391"><b>Data Reports</b></span>. The <span class="wintitle" id="dbss_01_0266__wintitle10524380873391"><b>Data Reports</b></span> page is displayed.</span></li><li id="dbss_01_0266__li1759942816404"><span>In the <strong id="dbss_01_0266__b993520346407">Instance</strong> drop-down list, select the instance whose SQL statement information you want to view. Click the <strong id="dbss_01_0266__b1922342184017">Statements</strong> tab.</span></li><li id="dbss_01_0266__li19125101617432"><span>Set filtering conditions to find the entered SQL statement.</span></li><li id="dbss_01_0266__li1833254811227"><span>In the row containing the SQL statement, click <strong id="dbss_01_0266__b14548945182012">Details</strong> in the <strong id="dbss_01_0266__b209691847112018">Operation</strong> column.</span></li><li id="dbss_01_0266__li92523439251"><span>Check the SQL statement information in <span class="parmname" id="dbss_01_0266__parmname17244143174514"><b>SQL Statement</b></span>.</span></li></ol>
</div>
<div class="section" id="dbss_01_0266__section1952662945517"><h4 class="sectiontitle">Common Operations</h4><p id="dbss_01_0266__p12162143413556">After adding a user-defined masking rule, you can perform the following operations on it:</p>
<ul id="dbss_01_0266__ul1461043111312"><li id="dbss_01_0266__li1761114316136">Disable<p id="dbss_01_0266__p1547553814159"><a name="dbss_01_0266__li1761114316136"></a><a name="li1761114316136"></a>Locate the row that contains the rule to be disabled and click <strong id="dbss_01_0266__b64675484326">Disable</strong> in the <strong id="dbss_01_0266__b76341642183217">Operation</strong> column. A disabled rule cannot be used.</p>
</li><li id="dbss_01_0266__li1986961531716">Edit<p id="dbss_01_0266__p2041942821714"><a name="dbss_01_0266__li1986961531716"></a><a name="li1986961531716"></a>Locate the row that contains the rule to be modified, click <strong id="dbss_01_0266__b49625619344">Edit</strong> in the <strong id="dbss_01_0266__b127618915347">Operation</strong> column, and modify the rule in the displayed dialog box.</p>
</li><li id="dbss_01_0266__li1220210486138">Delete<p id="dbss_01_0266__p7460517191613"><a name="dbss_01_0266__li1220210486138"></a><a name="li1220210486138"></a>Locate the row that contains the rule to be deleted, click <strong id="dbss_01_0266__b22943443417">Delete</strong> in the <strong id="dbss_01_0266__b77183716343">Operation</strong> column, and click <strong id="dbss_01_0266__b8400154673418">OK</strong> in the displayed dialog box.</p>
</li></ul>
</div>
</div>
View Git Blame Copy Permalink