Skip to Main Content
IBM Data and AI Ideas Portal for Customers

This portal is to open public enhancement requests against products and services offered by the IBM Data & AI organization. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

Post ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal ( - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal ( - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM. - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

IBM Employees should enter Ideas at

Status Not under consideration
Workspace Optim
Components Optim Data Privacy
Created by Guest
Created on Jul 30, 2021

z/OS Infosphere Optim - Data Masking - GDPR - New LUA function

The need is about the data masking and the GDPR constraints.

Our développers used the LUA capabilities of z/OS Optim.

The needs are

  • convert in a bijective way a numeric chain in a other numeric chain

  • if we run repeatedly a convert with the same chain, we obtain the same result

  • if we choose to, we have a means to request that the result changed

  • the convert can process numeric chain with 1 to 32 digits

Functionnaly the convert function has 3 parameters :

  • a variable wich drive the convert result

  • the number of digit of the initial numeric chain

  • the initial numeric chain

Our GDPR auditor's don't accept that our developpers created this program [risk of lack of the sources]. Then the good practice is external logiciel.

Needed By Month
  • Guest
    Aug 2, 2021


    I���m afraid, my english is a bit clumsy.

    Let���s me explicate more precisely .
    1 ��� The anonymisation of numeric chains.
    In our Information System we have sensible information wich representation is numeric [account number, etc]. For example ������012345678901234������, ������01234567899876������

    Rules of management :

    1. Bijectivity :
    The convert function transforms
    012345678901234 -> abcdefghijklmn numeric
    01234567899876 -> ABCDEFGHIJKLMN numeric
    abcdefghijklmn is never equal to ABCDEFGHIJKLMN

    1. Constancy of result, if we choose to
    During a non regression test we may refresh several time the data. The test data are build from the same initial data.
    Therefore, we must run the anonymisation accordingling and obtain the same results. Then :
    012345678901234 -> abcdefghijklmn
    01234567899876 -> ABCDEFGHIJKLMN

    1. Change of result, if we choose to
    During an other non regression test we may rebuild the tests data, but with another anonymisation result :
    The new exec convert transforms :
    012345678901234 -> a���b���c���d���e���f���g���h���i���j���k���l���m���n���
    Usually, a���b���c���d���e���f���g���h���i���j���k���l���m���n��� is not equal to abcdefghijklmn

    2 ��� GDPR Auditor��� aspect :
    With an anonymisation process, a very sensible data ������abcd������ is convert to ������ABCD������
    The constraint is, nobody must be capable to recover the original value of ABCD. The retro engineering must not be possible.
    A mean to achieve that is : this function is not internaly developped or an IBM standard. The source doesn���t risk internal leakage.

    3 ��� I have confuse ������leak������ and ������lack������. Sorry


    Dominique JOLY

    De : IBM Data and AI Ideas
    Envoy�� : dimanche 1 ao��t 2021 01:51
    �� : JOLY Dominique (BPCE-IT)
    Objet : Peter Costigan responded to idea OPTIM-I-157 z/OS Infosphere Optim - Data Masking - GDPR - New LUA function

  • Admin
    Peter Costigan
    Jul 31, 2021

    Optim Product Management is not able to consider this requirement further until we have more information as requested above.

  • Admin
    Peter Costigan
    Jul 31, 2021


    I'm sorry, I don't understand many parts of the discussion of this requirement.

    1. What is a "numeric chain"? Would you please give an example of a numeric chain and the masking behavior you are requesting?

    2. What does it mean that GDPR auditors "don't accept that our developers created this program"? Does it mean the auditors don't believe that it was created by your developers? Or they do believe, but that it is unacceptable for them to create it?

    3. What does it mean, "risk of lack of sources"? Have you lost the original source code for an Optim Column Map User exit?

    Thank you,