Download eBook (PDF) - Red Gate Software

8 – ObfuscationRepeating Character MaskingOver recent years the information that is presented on a credit card receipt haschanged. In the past, it was not uncommon to find the entire primary accountnumber printed upon the receipt. Today, this number still appears on credit cardreceipts; but only a few of the last numbers appear in plain text with theremainder of the numbers being replaced with a series of "x" or "*" characters.This is called a repeating character mask.This approach provides a level of protection for sensitive data, rendering ituseless for transactional purposes, while providing enough information, thenumber's last four digits, to identify the card on which the transaction wasmade.In the HomeLending database, we will create a user defined function calledCharacter_Mask, as shown in Listing 8-4, which performs repeatingcharacter masking, which again can be referenced as needed in views andstored procedures that are selected to use this method of data obfuscation.This user defined function will modify the value that is passed through the@OrigVal argument and replace all of the characters with the character passedthrough the @MaskChar argument. The @InPlain argument defines thenumber of characters that will remain in plain text after this user definedfunction is executed. For example, the value of "Samsonite" may result in"xxxxxxite".In order for the appropriate users to utilize this user defined functionpermissions must be assigned. The GRANT EXECUTE command is included inthe script.Use HomeLending;GO-- Create user defined functionCREATE FUNCTION Character_Mask(@OrigVal varchar(max),@InPlain int,@MaskChar char(1))RETURNS varchar(max)WITH ENCRYPTIONASBEGIN-- Variables used177