This topic describes how to configure de-identification algorithms supported by Sensitive Data Discovery and Protection (SDDP).

Background information

SDDP supports seven de-identification algorithms, including hashing, masking, substitution, bit shifting, encryption, decryption, and shuffling. For more information, see Supported de-identification algorithms.


  1. Log on to the SDDP console.
  2. In the left-side navigation pane, choose Sensitive Data Desensitization > Desensitization Algorithm.
  3. On the Desensitization Algorithm page, click the tab for the de-identification algorithm that you want to use for static de-identification.
    De-identification algorithms
  4. Configure the de-identification algorithm.
    You can configure each de-identification algorithm in the following way:
    • Hashing: Set a salt value for each salted algorithm.

      In cryptography, you can insert a specific string to a fixed position in a password so that the hash value of the new password is different from that of the original password. This process is called salting. A salt value is the specific string that you insert.

    • Masking: Set parameters for the masking algorithm.
    • Replacement: Set parameters for the substitution algorithm.
    • Transformation: Set parameters for the bit shifting algorithm.
      Bit shifting
    • Encryption: Set a key for each encryption algorithm.
    • Data Decryption: Set a key for each decryption algorithm.Data Decryption
    • Shuffling: Select a shuffling method.
      Note You do not need to test the shuffling method. Click Submit directly after you select a shuffling method.
  5. Click Test for a parameter.
    In the Desensitization Algorithm Test right-side pane, enter a value and click Test to check whether the specific parameter of the de-identification algorithm works.Desensitization Algorithm Test

    After the test is completed, close the Desensitization Algorithm Test right-side pane.

  6. Click Submit for the parameter that you have tested.

What to do next

After you configure the de-identification algorithm, go to the Static Desensitization page to create a de-identification task with the de-identification algorithm or modify the de-identification algorithm of an existing de-identification task. For more information, see Perform static de-identification.Add or modify a de-identification task