Data Management (DMS) allows you to define fields that contain sensitive and confidential
data, such as mobile phone numbers, as sensitive fields. For users who have no access
permission on sensitive fields, the data of the sensitive fields are displayed in
the ***
format in query results. In addition, DMS provides redaction algorithms for you to
de-identify sensitive data in a flexible way.
Prerequisites
A database named
poc_prod
is created. For more information, see
Design schemas.
Note This topic shows you how to manage the security of sensitive data in the poc_prod
database.
Specify sensitive fields and redaction algorithms
- Log on to the DMS console as a DMS administrator.
- , click the
Poc_prod
instance, right-click the poc_prod
database, and then select Tables.
- Click the
icon to the left of the data_modify table. All the fields of the data_modify table are displayed.
- On the Column tab, click Adjust.
- Select Sensitive for the
phone
field and click Submit for Security Department Approval.
The phone
field is defined as a sensitive field.
- Click OK and wait for approval.
You are navigated to the Security LevelTicket Details tab. To view the approval status,
click View Approval Details.
- After the ticket is approved, query the data of the sensitive field on the SQLConsole
tab.
In this example, the returned values of the
phone
field are fully redacted.

Note All DMS users, including DMS administrators and database administrators (DBAs), must
apply for permissions on sensitive fields before they can view the data of the sensitive
fields. For more information, see
Apply for permissions to access sensitive fields.
- In the top navigation bar, move the pointer over the More icon and choose .
- Find the sensitive field that you want to manage and click Add Algorithm in the Actions column.

Note You can also enter the name of the sensitive field in the search box to search for
the sensitive field.
- In the Add Algorithm dialog box, set the parameters as required and click Add.
Note In this example, the Algorithm Type parameter is set to
Fixed Position. For more information about the algorithms that are used to redact sensitive data,
see
Manage sensitive data.

Parameter |
Description |
Algorithm Type |
The type of the algorithm. Valid values:
- Fixed Position: The characters at the specified positions are redacted.
- Fixed Character: The specified characters are redacted.
- Full Masking: All of the characters are redacted.
|
Masking String |
The string to display as the de-identified content. Default value: *** .
|
Masking Position |
The positions of the data to be de-identified in the field value. In this example,
set the parameter to (1,5) , which indicates that the first to fifth characters are redacted. You can also set
the parameter to (5) for short.
Note You can specify a maximum of three positions, such as (1,4),(6,7),(-2) . In this case, the first four characters, sixth and seventh characters, and last
two characters are redacted.
|
Algorithm Description |
The description of the algorithm. |
Apply for permissions to access sensitive fields
All DMS users, including DMS administrators and DBAs, must apply for permissions on
specific sensitive fields before they can query the data of the sensitive fields.
This example demonstrates how to apply for permissions on sensitive fields as a regular
user.
- Log on to the DMS console as a regular user.
- In the top navigation bar, move the pointer over the More icon and choose .
- On the Permission Application Ticket tab, enter
poc_prod
as the database name and click Search.
- Select the sensitive field that you want to manage from the matched results and click
Add. The sensitive field appears in the Selected Databases/Tables/Columns section.
- In the Select Permission section, set the parameters as required and click Submit. The following table describes the parameters.

Parameter |
Description |
Permission |
The type of permission for which you want to apply. Valid values: Query, Export, and Change.
Note You can select one or more permission types.
|
Data Masking Method |
The way in which the sensitive data is displayed. Valid values:
- Semi-sensitization: The data is displayed in the format that is generated after the specified redaction
algorithm is run.
- Plain Text: The data is displayed in plaintext.
Note Assume that you set the Permission parameter to Export and the Data Masking Method parameter to Semi-sensitization. In this case, the data exported from the sensitive field is partially de-identified.
|
Duration |
The validity period of the selected one or more permissions. |
Reason |
The description of the business background and the reason for this application. This
reduces unnecessary communication and facilitates the approval process.
|
Note After the ticket is submitted, wait for approval. You can view the status of the ticket
in the My Tickets section of the Workbench tab.
- After the ticket is approved, query the data of the sensitive field on the SQLConsole
tab.
In this example, the Data Masking Method parameter is set to Semi-sensitization. Therefore,
the values of the
phone
field are displayed in the format that is generated after the specified redaction
algorithm is run.
