Identity privacy lookup policies

The identity privacy lookup policies replace values from selected source entities with values from corresponding lookup table columns, thereby masking the source values.

The identity privacy lookup policies are bound to lookup tables in the EXTENDED_LOOKUP schema of the Optim™ sample data. When you create a lookup policy, you will map attributes in the source data with the attributes bound to the policy.

Before you can create a identity lookup privacy policy, you must define a lookup data source for the executor platform. The data source must include the tables from the EXTENDED_LOOKUP schema provided with the sample data.

Random and hash lookup

There are two options for identity privacy lookup processing, random and hash lookup. You can select the lookup option when you create a privacy policy.

A lookup table includes a column containing contiguous sequential values. Rows in the lookup table are selected by matching the sequential values in the lookup table with a value generated using the random or hash option.

Random Lookup
A random lookup selects a row at random from the lookup table to obtain replacement values.
Hash Lookup

In hash lookup processing, the replacement values are selected by hashing a source value and using the hashed value as an index to a row in the lookup table. A source column that is hashed does not need to be a column that will be replaced by lookup table values. The maximum length of the source and lookup columns is 256 characters. The hash function is case-sensitive, and you can convert a source value to upper case before it is hashed.

If a source column used to derive the hashed value contains certain values (NULL, spaces (for CHAR columns), and zero-length VARCHAR), the value is not hashed and the following reserved values are used as keys to the lookup table:

Source Value Lookup Table Key
NULL -1
spaces (CHAR or VARCHAR) -2
zero-length VARCHAR -3
multiple hash lookup columns where all values are one or more of the following values: NULL, spaces (CHAR or VARCHAR), or zero-length VARCHAR -4

Switch option

There a several lookup policies that use a switch value option to mask data based on a value in a selected switch attribute. The switch option is based on a country name or country code. For example, if the switch attribute in a row contains the value ″USA″, the policy will use data specific to the United States to mask data in the row.

The switch option uses the following values:

AU - Australia
AU, au, OZ, oz, Australia, australia
CA - Canada
CA, CAN, Canada, Canadian, ca, can
DE - Germany
DE, de, Deutschland, deutschland, GER, ger, Germany, germany, FRG, frg, BRD, brd, Bundesrepublik Deutschland
ES - Spain
ES, Espana, Spain, Spanish, PQH_ES, SPA, ESP, es, pqh_es, spa, esp
FR - France
FR, France, French, FRE, PQH_FR, FRA, fr, fre, fra, pqh_fr
IT - Italy
IT, Italy, Italian, ITA, PQH_IT, it, ita, pqh_it
JP - Japan
JP, Japan, Japanese, jp, Nippon, Nihon
UK - United Kingdom
UK, U.K., United Kingdom, Great Britain, England, Scotland, Wales, Northern Ireland, British, English, Welsh, Scottish, BRI, PQH_GB, WEL, SCO, GBR, GB, G.B., uk, bri, pqh_gb, wel, sco, gbr, gb
US - United States
US, U.S., USA, U.S.A., American, AM, us, usa, am