Skip to content

Secure Lookup

Extensible Algorithm Framework

Secure Lookup is the most commonly used type of algorithm. It is easy to generate and works with different languages. When this algorithm replaces real, sensitive data with fictional data, it is possible that it will create repeating data patterns, known as “collisions.” For example, the names “Tom” and “Peter” could both be masked as “Matt”. Because names and addresses naturally recur in real data, this mimics an actual data set. However, if you want the Masking Engine to mask all data into unique outputs, you should use Character Mapping.

Starting in version 6.0.4.0, we introduced a builtin Extensible Secure Lookup Algorithm Framework, co-existing with the legacy one. The new framework uses SHA256 hashing method and allows case configurations for input and output (i.e. masked) values.

Creating a Secure Lookup Algorithm via UI

  1. In the upper right-hand corner of the Algorithm tab, click Add Algorithm.

  2. Choose Secure Lookup Algorithm. The Create SL Algorithm pane appears.

  3. Enter an Algorithm Name.

    Info

    This MUST be unique.

  4. Enter a Description.

  5. Choose the Output (Masked) Case configuration. It is explained with the examples in the information popup window, which may be opened by clicking on the blue question sign on the above Create SL Algorithm window:

  6. Choose the Hash Method configuration.

    • SHA256: This hash method is the default hash method for extensible secure lookup algorithms.
    • LEGACY: This hash method is used to mimic the legacy secure lookup behavior in the extensibility framework.

  7. Choose the Case Sensitive Lookup configuration.

    If Case Sensitive Lookup box is marked then the same input of different cases will be masked to the different values. For example:

    Peter -> John
peter -> Andrew

    If that setting is not marked (which is a default option), then lookup would be case insensitive, for example:

    Peter -> John
peter -> John

  8. Specify a Lookup File.

    This file is a single list of values that does not require a header, every line of the Lookup File might be used as a masked value. The Lookup File must be ASCII or UTF-8 encoding compatible. The lookup file can be referenced locally or with a specified/uploaded URI. The following is sample file content:

    Smallville
Clarkville
Farmville
Townville
Cityname
Citytown
Towneaster

  9. When you are finished, click Save.

  10. Before you can use the algorithm in a profiling job, you must add it to a domain.

For information on creating Secure Lookup algorithms through the API, see API Calls for Creating Algorithms - Secure Lookup.