About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Hi,
I���m afraid, my english is a bit clumsy.
Let���s me explicate more precisely .
1 ��� The anonymisation of numeric chains.
In our Information System we have sensible information wich representation is numeric [account number, etc]. For example ������012345678901234������, ������01234567899876������
Rules of management :
1. Bijectivity :
The convert function transforms
012345678901234 -> abcdefghijklmn numeric
01234567899876 -> ABCDEFGHIJKLMN numeric
abcdefghijklmn is never equal to ABCDEFGHIJKLMN
1. Constancy of result, if we choose to
During a non regression test we may refresh several time the data. The test data are build from the same initial data.
Therefore, we must run the anonymisation accordingling and obtain the same results. Then :
012345678901234 -> abcdefghijklmn
01234567899876 -> ABCDEFGHIJKLMN
1. Change of result, if we choose to
During an other non regression test we may rebuild the tests data, but with another anonymisation result :
The new exec convert transforms :
012345678901234 -> a���b���c���d���e���f���g���h���i���j���k���l���m���n���
Usually, a���b���c���d���e���f���g���h���i���j���k���l���m���n��� is not equal to abcdefghijklmn
2 ��� GDPR Auditor��� aspect :
With an anonymisation process, a very sensible data ������abcd������ is convert to ������ABCD������
The constraint is, nobody must be capable to recover the original value of ABCD. The retro engineering must not be possible.
A mean to achieve that is : this function is not internaly developped or an IBM standard. The source doesn���t risk internal leakage.
3 ��� I have confuse ������leak������ and ������lack������. Sorry
Regards
Dominique JOLY
De : IBM Data and AI Ideas
Envoy�� : dimanche 1 ao��t 2021 01:51
�� : JOLY Dominique (BPCE-IT)
Objet : Peter Costigan responded to idea OPTIM-I-157 z/OS Infosphere Optim - Data Masking - GDPR - New LUA function
Optim Product Management is not able to consider this requirement further until we have more information as requested above.
Hi,
I'm sorry, I don't understand many parts of the discussion of this requirement.
What is a "numeric chain"? Would you please give an example of a numeric chain and the masking behavior you are requesting?
What does it mean that GDPR auditors "don't accept that our developers created this program"? Does it mean the auditors don't believe that it was created by your developers? Or they do believe, but that it is unacceptable for them to create it?
What does it mean, "risk of lack of sources"? Have you lost the original source code for an Optim Column Map User exit?
Thank you,
Peter