Data Masking for Adabas Becky Albin Chief IT Architect
Find Your Inner Genius at ProcessWorld 2012! Get smarter about using IT to improve business performance Discover inspiring solutions to your pressing business challenges Open your mind to new approaches, new tools and new people Save the Date ProcessWorld 2012 Orlando, Florida October 15-17 www.processworld.com
"Moving Forward with Adabas 8" Duration 3.0 hours Audience: DBA's and Programmers. Speaker: Jim Poole (Verizon) Adabas 8 has been a whirlwind of changes where there is a fear that shops have overlooked the incredible range of new features and possibilities. With Adabas 8.2 alone, there were over 40 changes that provide opportunities for DBA and programmers alike. In this fast-paced technical presentation, many of the Adabas 8 changes are explained and how they impact the ways we do business. Enroute, recent benchmark performance studies were done on Adabas caching, changing some long-held paradigms. Those results are presented. Topics include: -Adabas Caching (what, when, why) -Date/Time System Fields -Spanned Records, prevent future risk -Logical removal of fields and descriptors -Improvements to PLOG and WORK -Event Log -A Panoply of other
" Legacy Natural GUI Application Modernization using ONE" Duration 3.0 hours Audience: DBA's and Programmers. Speaker: Steve Robinson of S.L. Robinson and Associates Inc. Many Adabas/Natural applications are being transferred to other platforms or software based on a misconception, namely, that Natural is not capable of producing many of the GUI effects seen on web and PC software. This is an erroneous rationale. Natural has many facilities that most Natural programmers are unaware of. Natural has screen scrapping commands, colored bar charts, animation, and many other facilities. The net effect of using such facilities are systems which closely resemble web and PC systems. Natural can provide the same GUI bling that one finds on a web based application? There are many new and existing tools to do this. So why not leave the Adabas/Natural world? Topics include: NaturalONE Overview - Introduce attendees to NaturalOne; the component parts, the rationale for using NaturalOne, the advantages to using NaturalOne for application modernization. We will see how to revitalize existing Natural applications without a lot of expense
Adabas and Natural Sessions for Process World 2012 Customer Presentations Presenter Managing DMV Pictures & Signatures with Adabas Large Object (LOB) Fields State of South Dakota What s Next for Adabas and Natural? The Strategic Direction Software AG Active Data Warehousing Made Easy with Adabas SQL Gateway Royal Bank of Canada Achieve Significant Quality Improvements by using Better Test Data with Data Masking for Adabas Pennsylvania State University EntireX Broker Centralizes Drivers License Management State-wide State of Virginia Natural Remote Data Collector (RDC); Monitoring and much more State of Washington Retirement System Case Study FSCJ: College Inventory Management using a Mobile Application Adabas Replication: How we do it at NYC DoITT New York City Department of Information Technology Alan Peterson Guido Falkenberg Nikolai Chmatov Carl Seybold Pam Schwartz Darrell Davenport Chris Martin George Wolff
Data Masking - What the Analysts say Forrester Group (Noel Yuhanna) states: All enterprises dealing with private in test environments should mask or generate test to comply with regulations such as PCI, HIPAA, SOX and European Union (EU) 80% of all threats come from inside and 65% are undetected Accenture and Information Week Security breaches are increasingly coming from inside an organization Gartner 70% of all security incidents come from insiders Ernst & Young An insider attack against a large company causes an average of $2.7 million US in damages, whereas the average outside attack costs only $57,000
Data Masking Why would you use it? Improve application quality - artificially generated test is usually insufficient Secure sensitive in Development environments Test centers Offshore activities Provide a real business training environment without publishing sensitive Compliance with legal regulations such as HIPAA, SOX and others
Data Masking - Value Proposition - Ability to consistently create reduced and secured test - Rapid masking of from across the enterprise to, deliver de-identified for testing - Provides a repeatable and automated solution to reduce the resources needed to create test - Easily create high quality training with a low cost investment - Facilitates an essential and safe training environment for end-users, when using live for training - Reduce risk of legal exposure for compromised
Data Masking Current Status - General Availability end of 1 st quarter 2012 - Trial copies can be obtained; contact your Software AG Account Representative - Supported Source Databases: Adabas Oracle DB2 (UDB and z/os) Microsoft SQL Server MySQL Sybase Ingres SQLAnywhere Informix Cache VSAM Flat Files
Data Masking Hype or Requirement? Challenge High quality test is required for: Improved application quality Test and training environments Most organizations use home-grown scrambling methods or even Production Legal regulations do not allow use of Scrambling methods do not always consider semantics Applications do not always function using such Preparation is a time consuming and inconsistent manual process Cross references are not often considered/maintained
Data Masking Hype or Requirement? Business aspect Business needs high quality applications Online shops are open for 24 hours a day The competition is one click away Pressure to reduce cost Creating artificial test is expensive Manual process Each project team does more or less the same Not all use cases can be built References across tables are difficult to handle Difficult to create the same values every time Define rules Select Copy Copied Mask According to rules Masked Creating test can delay projects which affects business negatively Software package needs to fulfill all requirements and have an early ROI Create repeatable processes/procedures
Data Masking Software that fulfills the requirements Criteria for a solution Ease-of-use Almost no training needed on the software Easy to exchange obfuscation rules with non-it staff First results needed quickly (<1 day) Define rules Select Copy Copied Mask According to rules Results that are key Masked must look like Semantics must be maintained Reverse engineering must not be possible Masked Production needs to be used as input for the masking process
Data Masking Software that fulfills the Requirements Criteria for a solution Data source coverage One tool, not one per base type Adabas, all market relevant RDBMS and flat files need to be supported Platform coverage Mainframe Distributed environments (LUW) Define rules Select Copy Copied Mask According to rules Masked
Data Masking Software that fulfills the Requirements Criteria for a solution A rich set of rules need to be available Replacement Custom functions/seed tables Hashing Translation Substitution Multi-table columns ZIP code Credit cards number manipulation Social security number manipulation Random numeric/text Etc. Define rules Select Copy Copied Mask According to rules Masked
Data Masking Data Masking for Adabas A solution that fulfills the criteria Supports the requested rules Extended features are available Cross reference masking beyond Referential Integrity Reference can be used Using where clauses Ease to learn and run Use a sophisticated user interface to define rules and run-time option Non-IT professionals understand rules easily Run the masking process as a background task Using a simulation before changing in a base Define rules Select Copy Copied Mask According to rules Masked
Data Masking Data Masking for Adabas A successful approach requires knowledge of your Which is sensitive and need to be masked? Which columns contain what? Which relationship consists between, maybe across tables? Are there invalid in your sources? What is the goal? Test a new part of an application Achieve legal compliance Define rules Select Copy Copied Mask According to rules Ready to start? Masked
Close a Gap Provide what s required Hide what s necessary Provide high quality test Test Application Data Masking Masked Copy of Production Enhance Use Adabas Tools to create Rules Run-time parameter Data Mapping Production Application Meta- Production Protect sensitive
Data Masking for Adabas Architecture Production Application Test Application Adabas Nucleus Adabas Nucleus Adabas SQL Gateway Data Server Adabas SQL Gateway SQL Engine Masking Engine Mapping Tool Adabas Tools to create Rules Run-time Options Production Copy Masked Production Production Meta- Repository Mainframe / Distributed Environments Distributed Environments
Prepare your Database Environment Create a copy of the Adabas base Define the file/table GTSRC_XREF for cross reference masking Masking consistently across different tables Prepare an Adabas SQL Gateway meta- repository (CDD)
Getting familiar with the SDM Environment Structure after installation Windows/Linux/Unix Main directory contains The software connect file A number of home-grown test cases Sub-directories Audits Backups DDM result file if defined backup of rule files Natural DDMs Errorlogs Logs Seedtables run logs contains a number of reference
Getting familiar with the SDM Environment Start Mapping Process connectadabas GTMAPPER is the tool to define masking rules and run-time options Start the Mapper, select the appropriate connect file and Connect connect parameter file The connectadabas file is used to connect to the Adabas SQL Gateway User name, password, default schema are defined in the Adabas SQL Gateway meta- repository (CDD) Host refers to the JDBC definition made through the DSNRegistry tool
Simple Data Masking Getting Started Connect to the Meta repository of the Adabas SQL Gateway Open rules file if available Define rules Define run-time options Save rules and options in files Run the masking process
Getting familiar with the SDM Environment Define Rules - Main Functions Select a Table Select a Column Select a Rule Define Values or Open an existing File
Getting familiar with the SDM Environment Define Run-time Options Define Audit Option Define Reference File Cross Connection File Define Reference Table Specify update mode or Open an existing File
Getting familiar with the SDM Environment Define Rules - Main Functions Save Definitions Close the GTMAPPER The save operation creates A file containing - Rules - Run-time Options - Start Script Check Parameter Run Masking Check Results
SDM Auditing and Logging Options Depending on the option An audit file is generated containing all actions along with the original and the new values Log files are written which contain information about the masking run and possible errors
Next Steps Order a test copy of Data masking for Adabas Get assistance if needed Saving money by reducing project time Reduce demands on application staff Improve application quality Achieve compliance