Welcome to CASI Software - Innovations in Mainframe Information Delivery

Mask Sensitive Report Data WITHOUT Application Changes

With the need to protect sensitive data (SSNs, Account Numbers, logons/passwords, etc.) the JES2Mail (JES2FTP) powerful Report Processing Language (RPL) can remove or mask sensitive data before reports are delivered without changing your underlying application.

This example is a payroll register report. To distribute this to one who needs data from the report, but does not need to know employee names or employee numbers (SSNs), we can simply mask the relevant data using RPL. This is an image of the report as it is originally produced:


The following JES2Mail (JES2FTP) ruleset is used to mask both employee names and numbers:

        ID: PayReg1
        To: &Userid;@&OurDomainName;
        From: jes2mail@&OurDomainName;
        Subject: Payroll Register
        PackageType: PDF
        PageSize: Letter
        Orientation: Landscape
        Font: Courier
        FontSize: medium
        Script: dd:Script

This ruleset packages the report as a PDF document and uses symbolic substitution for the addressing parameters.

"&Userid;" represents the user submitting the job and "&OurDomainName;" comes from parameters in the JES2Mail configuration file. More importantly, it specifies the script (DD:SCRIPT) which contains the following statements:

        )OnEachPage
        Define(P1, pos)
        P1 = LocateText("EMPL:  ")                ; Find "EMPL:" on line
        While (P1 != 0)                           ; Loop
            P1 = P1 + 0:6;                        ; Skip Over "EMPL: "
            UpdatePage(P1, 35, "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")  ; Erase
            P1 = P1 + 1:0 - 0:6;              ; Backup Column and go down 1 line
            P1 = LocateText("EMPL: ", P1, 99:132) ; Find next on page
        EndWhile
        OutputPage()                              ; Output the page

This script searches for the literal EMPL: on each page of the report. It skips over 6 columns from that position and then masks the employee name number with Xs. Since there can be more than one employee on each page of the report, it uses a While loop to search the remainder of the page masking names/numbers until it finds no additional instances of the EMPL: literal. (Note: After locating an instance and masking data on one line of the report, the position variable is repositioned to the next line and back to the original column in order to find all instances of EMPL: on the page. Once the end of page is reached it outputs the page and is then ready for the next page of the report.

When the recipient opens the resulting PDF file, they see the following:

Now the names and employee numbers no longer appear. This same technique can be used for any report containing sensitive data.

© 2008 Computer Application Services, Inc. - All Rights Reserved



Skip Navigation Links
    Home
    About Us
    Products Expand Products
    Clients
    Articles
    News
    Links
    Contact us
    Login
    Logoff