Attribute Encryption

The product stores the user-related data in plain format in the database tables that you seed during installation. Use the Attribute Encryption Set Configuration page and select the user attributes that you want to encrypt. See "" for the list of attributes that support encryption.
aatest
The product stores the user-related data in plain format in the database tables that you seed during installation. Use the Attribute Encryption Set Configuration page and select the user attributes that you want to encrypt. See "Multi-Byte Character and Encrypted Parameters" for the list of attributes that support encryption.
Follow these steps:
  1. Ensure that you are logged in as the MA.
  2. Go to the Activate the Services and Server Configurations tab and Click Administration Console option on the submenu of the tab.
  3. Under the System Configuration section on the side-bar menu, click the Attribute Encryption Configuration link to display the page.
    To encrypt the User Identifier attribute, all the following attributes that help in uniquely identifying the user are also encrypted:
    - User ID
    \*E2\*80\*93 Account ID
    - Account ID attributes
  4. In the Select Attributes for Encryption section, select attributes from the Available Attributes to add to the Attributes Selected for encryption list.
    Click the > or < buttons to move selected attributes to the desired list. You can also click the >> or << buttons to move all attributes to the desired lists.
  5. In the Data Masking Configuration section, specify the parameters that are described in the following table.
    Data masking is the process of hiding specific elements within the actual data string. Masking ensures that sensitive data is replaced with some data other than the real one.
    Parameter
    Description
    Type
    Select an option from the drop-down list to Mask or Unmask the attributes that are configured for encryption.
    Start Length
    The number of characters to be masked or unmasked from the start of the actual data string.
    End Length
    The number of characters to be masked or unmasked from the end of the actual data string.
    Masking Character
    The character that is used to mask (hide) the actual data.
  6. Click
    Save
    to save your changes.
  7. Refresh
    all
    deployed CA Risk Authentication Server instances.
Examples of Masking and Unmasking
To mask a user name that has been configured for encryption where:
  • Start Length = 2
  • End Length = 2
  • Masking Character = *
  • The user name "mparker" is masked as "**ark**".
To unmask a user name that has been configured for encryption where:
  • Start Length = 2
  • End Length = 2
  • Masking Character = *
  • The user name "mparker" is unmasked as "mp***er".