MVSFORUMS.com

[k_v_mahesh]

Hi,

We have an requirement where the client wants to mask the sensitive data in mainframe to the team sitting in remote site.

Need input on how to handle CICS screen data masking without major changes to code base.

Are there products available that sits between CICS and database ?

Please advice.

Regards
Mags

[warp5]

What EXACTLY do you want to do, what do you mean when you say mask? We can only guess what you mean if you are not explicit.

[kolusu]

k_v_mahesh,

The simple way is to code an identical screen masking all the sensitive data and send that screen based on the userid

Kolusu

[Dibakar]

extending kolusu's suggestion I would prefer masking the fields by changing attributes based on userid rather than creating another set of screens
_________________
Regards,
Diba

[semigeezer]

Changing attributes is not really a good idea because depending on the emulator that is being used, the end user might simply have to use cut (of the screen) and paste (to a file) to see the data. Some emulators have that bug.

And most (all?) emulators have a trace facility that lets you capture the data coming over the wire. If all you change is the attribute byte, the data still comes over the wire and is extremely easy (read trivial) to see.
_________________
New members are encouraged to read the How To Ask Questions The Smart Way FAQ at http://www.catb.org/~esr/faqs/smart-questions.html.

[dbzTHEdinosauer]

the db2 setup would not be fun, but you may be better off,
having another db with anonymiziert data for certain users and force them into a different plan
in order to point to a database with different qualifier.
you would not have to change any code.
_________________
Dick Brenholtz
American living in Varel, Germany