Hi, Ric: I'm not aware of any builtin feature to import masked data.
At a guess, you might implement a dictionary approach, providing a transform to replace the masked data by looking up the equivalent real data in the dictionary. Stating the obvious, updating based on masked data introduces some security risks, so you would want to restrict narrowly what can be replaced. Caveat: I've never tried to implement import for masked data. Perhaps others on the distribution have better suggestions. Erik Hennum ________________________________________ From: Shmennen <[email protected]> Sent: Monday, October 30, 2017 2:24:09 PM To: Erik Hennum; [email protected] Subject: Re: [MarkLogic Dev General] Data Masking on Import/Export Any thoughts about how to import masked data in MarkLogic? Some built in features? Thanks Ric On Mon, Oct 30, 2017 at 18:34, Shmennen <[email protected]> wrote: Thanks Erik, indeed I could not find anything in the docs ... BTW, I found this thread http://developer.marklogic.com/pipermail/general/2015-March/016633.html which mentions about data masking in context of flexible replication. I have configured one Master and one Slave based on https://docs.marklogic.com/guide/flexrep/quick_start#id_50142 but the info is not masked on Slave. Do you know what I can configure in addition to mask data on flexible replication? -Ric On Monday, October 30, 2017 6:24 PM, Erik Hennum <[email protected]> wrote: Hi, Ric: So far as I know, redaction is purely an export feature. Erik Hennum ________________________________________ From: Shmennen <[email protected]<mailto:[email protected]>> Sent: Monday, October 30, 2017 2:51:20 AM To: Erik Hennum; [email protected]<mailto:[email protected]> Subject: Re: [MarkLogic Dev General] Data Masking on Import/Export Thanks Erik. Is there any way to import the masked data (e.g. the masked fields + updated not-masked fields) and MarkLogic to do the correlation on the fly for masked data? I could not find this in the Redaction part... Thanks Ric On Saturday, October 28, 2017 2:34 AM, Erik Hennum <[email protected]<mailto:[email protected]>> wrote: Hi, Richard: These are two separate features, which were introduced in MarkLogic 9: * Element Level Security prevents access to unpermitted branches of the document http://docs.marklogic.com/guide/security/element * Redaction masks data on export http://docs.marklogic.com/guide/app-dev/redaction A redacted export of the data can only be generated by a user with a role that has permission to access to the data. The user who generates the redacted export can, of course, make the redacted data available to users without permission to access the data. Erik Hennum ________________________________________ From: [email protected]<mailto:[email protected]><mailto:[email protected]<mailto:[email protected]>> <[email protected]<mailto:[email protected]><mailto:[email protected]<mailto:[email protected]>>> on behalf of Shmennen <[email protected]<mailto:[email protected]><mailto:[email protected]<mailto:[email protected]>>> Sent: Thursday, October 26, 2017 1:26:50 PM To: [email protected]<mailto:[email protected]><mailto:[email protected]<mailto:[email protected]>> Subject: [MarkLogic Dev General] Data Masking on Import/Export Hello All, Could you please point me to some useful documentation in order to configure data masking in MarkLogic? e.g. If a user cannot see field A inside an XML (e.g. user is not granted to permissions for that field), on export that field A should be masked. Then, if user modifies the exported data (fields he has access to, not the one masked) and wants to re-import it, then the field masked should be correlated to the initial value from ML. Thanks -Richard _______________________________________________ General mailing list [email protected] Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general
