Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

Administration
Bulk Utility
Integration
Release Notes

All

All

Tasks

Database Permissions

Please Note:

Administration
Installation
- Installing CT-V as Java APIs
- Installing CT-V as SOAP Web Services
- Installing CT-V as Rest Web Services
- Installing CT-V as .Net Web Services
- Installing CT-V as .Net APIs
Java APIs
- TokenService()
- closeService()
- createNewFormat()
- createMaskingFormat()
- insert()
- insertIrreversibleToken()
- mask()
- get()
- getDisabledTokens()
- deleteToken()
- deleteValue()
- deleteTokenEx()
- deleteTokenByTokenProperty()
- disableToken()
- getToken()
- getTokensByDate()
- getByTokenProperty()
- getCustomTokenProperty()
- getCustomTokenPropertyByValue()
- getVersion()
- TokenProperty()
- updateTokenProperty()
Rest APIs
- insertToken()
- insertIrreversibleToken()
- insertTokenBatchWithMultipleVault()
- insertTokenWithTokenProperty()
- insertTokenWithTokenPropertyBatch()
- getToken()
- getByTokenProperty()
- getCustomTokenProperty()
- getCustomTokenPropertyByValue()
- getValue()
- getDisabledTokens()
- deleteToken()
- deleteValue()
- disableToken()
- deleteTokenByTokenProperty()
- getTokenByDate()
- getTokenByRangeDate()
- mask()
- createTokenFormat()
- createTokenFormatWithRegEx()
- createTokenFormatWithRandomTokenLength()
- createMaskingFormat()
- updateTokenProperty()
SOAP Web Services
- CreateNewRegExTokenFormat()
- CreateNewTokenFormat()
- CreateNewTokenFormatWithTokenLength()
- InsertBatch()
- InsertBatchWithCustomData()
- InsertBatchWithMultipleVault()
- InsertToken()
- InsertIrreversibleToken()
- InsertTokenWithCustomData()
- InsertTokenWithCustomDataWithTokenProperty()
- InsertTokenWithTokenProperty()
- InsertBatchWithTokenProperty()
- InsertBatchWithTokenPropertyBatch()
- InsertBatchWithCustomDataAndTokenProperty()
- InsertBatchWithCustomDataAndTokenPropertySmartCheck()
- InsertBatchWithCustomDataAndTokenPropertyBatchSmartCheck()
- CreateMaskingFormat()
- GetBatch()
- GetValueWithCustomData()
- GetValue()
- GetBatchWithCustomData()
- GetTokensByTokenProperty()
- GetTokenBatchWithCustomData()
- GetTokensByDateWithCustomData()
- GetTokensByRangeDateWithCustomData()
- GetTokenWithCustomData()
- GetCustomTokenPropertyByTokens()
- GetCustomTokenPropertyByValue()
- GetDisabledTokens()
- DeleteToken()
- DeleteTokenEx()
- DeleteTokenBatch()
- DeleteTokenExBatch()
- DeleteValue()
- DeleteValueWithCustomData()
- DeleteValueBatch()
- DeleteTokenByTokenProperty()
- DeleteValueBatchWithCustomData()
- DisableTokenBatch()
- Mask()
- UpdateBatchTokenProperty()
- UpdateTokenProperty()
.Net APIs
- Supported .Net APIs
  - TokenService()
  - closeService()
  - AttachCurrentThread()
  - createNewFormat()
  - createMaskingFormat()
  - insert()
  - insertIrreversibleToken()
  - mask()
  - get()
  - deleteToken()
  - deleteValue()
  - deleteTokenEx()
  - deleteTokenByTokenProperty()
  - disableToken()
  - getToken()
  - getTokensByDate()
  - getByTokenProperty()
  - getCustomTokenProperty()
  - getCustomTokenPropertyByValue()
  - getDisabledTokens()
  - getTokensByRangeDate()
  - updateTokenProperty()
  - detachCurrentThread()
- Public Class - TmResult
  - TmResult()
  - getBatchError()
  - getBatchErrorMessage()
  - getErrorIndex()
  - getErrorMessage()
  - getOutput()
  - getStatusBatchError()
  - getStatusOk()
  - getStatusRowError()
  - getStatusType()
  - setBatchError()
Web Service for .NET Developers
- CreateNewRegExTokenFormat()
- CreateNewTokenFormat()
- CreateNewTokenFormatWithTokenLength()
- CreateMaskingFormat()
- DeleteToken()
- GetDisabledTokens()
- DeleteTokenBatch()
- DeleteValue()
- DeleteValueBatch()
- DeleteValueBatchWithCustomData()
- DeleteValueWithCustomData()
- GetBatch()
- GetBatchWithCustomData()
- GetTokenBatchWithCustomData()
- GetTokensByDateWithCustomData()
- GetTokensByRangeDateWithCustomData()
- GetTokenWithCustomData()
- GetValue()
- GetValueWithCustomData()
- InsertBatch()
- InsertBatchWithCustomData()
- InsertBatchWithMultipleVaultWithTokenProperty()
- InsertBatchWithMultipleVaultWithCustomTokenProperty()
- InsertBatchWithMultipleVaultWithTokenPropertyAndCustomTokenProperty()
- InsertBatchWithMultipleVaultWithoutTokenPropertyAndCustomTokenProperty()
- InsertToken()
- InsertTokenWithCustomData()
- InsertIrreversibleToken()
- InsertBatchWithCustomDataTokenProperty()
- InsertBatchWithCustomDataTokenPropertyBatch()
- InsertBatchWithCustomDataTokenPropertySmartCheck()
- InsertBatchWithCustomDataTokenPropertyBatchSmartCheck()
- InsertBatchWithTokenProperty()
- InsertBatchWithTokenPropertyBatch()
- InsertTokenWithCustomDataTokenProperty()
- InsertTokenWithTokenProperty()
- GetByTokenProperty()
- GetCustomTokenProperty()
- GetCustomTokenPropertyByValue()
- DeleteTokenByTokenProperty()
- DisableTokenBatch()
- UpdateTokenProperty()
- UpdateTokenPropertyBatch()
- Mask()
Web Services Examples for Java Developers
Bulk Tokenization
Tasks
- Installing Apache Tomcat and Axis
- Database Permissions
- Creating User and Keys on the CipherTrust Manager
- Configure Vault using Java Utilities
- Creating New Token Formats
- How to Create Sequential Tokens
- Configuring NAE Properties File
  - The Parameters
- Upgrade the Vault Schema
- How to Rotate a Key
- How to Rekey Token Vault
- Examples of Re-Keying and Key Rotation
- Creating Obfuscated Data Using Obfuscation Utility
- Configuring Multiple Databases in REST APIs
- Deploying CipherTrust Vaulted Tokenization Through Docker
- Oracle RAC Environment
- Configuring CT-V (x86) .Net WebServices using JRE (x86) on Windows 2012
- Logging
  - Reading the Log File
  - Enabling Logging
  - Setting the Log File Name and Location
  - Rotating Logs
  - Configuring the Timestamp
  - Setting the Log Size Limit
  - Including Tokens in the Log File
  - Uploading the Log to the Key Manager
  - Implementing External Logger
Advanced Topics
- Concepts
  - CT-V Package Details
  - Silent Installation
  - Token Formats
  - Token Vault Structure for Databases
  - Key Table Structure for Databases
  - The Three-User Model for Token Vault Users
  - Using Logging Features
  - How to Use Token Formats with Java APIs and Web Services
  - Multi-Site Support
  - Utilities and Tools
  - Deploying CT-V REST APIs on Oracle WebLogic 12c Server
  - Deploying CT-V REST APIs on IBM WebSphere
  - Deploying CT-V Java Web Services (REST/SOAP) on Wildfly
  - Installing CipherTrust Vaulted Tokenization Using Chef Scripts
  - CipherTrust Vaulted Tokenization for Other Databases
    - close()
    - setCredentials()
    - getConnectionString()
    - getDriverClass()
    - install()
    - upgrade()
    - uninstall()
    - create()
    - drop()
    - getSessionInfo()
    - getDatabaseMetaInfo()
    - getTokenVaultInfo()
    - getTokenVaultListExt()
    - getBaselineTokenData()
    - updateTokens()
    - getTokenVaultInfoExt()
    - renameTokenVault()
    - rekey()
    - setTokenVaultInfo()
    - setTokenFormatInfo()
    - getTokenFormatInfo()
    - getCipherTextByToken()
    - getCipherTextByTokenWithErrors()
    - getTokenByMACValue()
    - deleteTokens()
    - deleteValues()
    - tokenize()
    - tokenizeWithErrors()
  - Advisory Notes and Best Practices
- Samples
  - Sample Code for Java Developers
  - Sample Code for .Net Developers
  - Sample Demonstrating a Custom Token Validator with an Interface
  - Starting the Token Service Outside of the Loop
Troubleshooting
- Settings
- Exceptions
- Log Messages
- Rest API Error Codes

CT-V
Administration
Tasks
Database Permissions

Database Permissions

The Database User who creates the token vault must have the necessary permissions to create tables and indexes for those tables. Oracle database users must also have permission to create types. The Database User who inserts and deletes information from the tables (sfnt_key_table, sfnt_token_format, and the token vaults) must have insert and delete permissions for those tables.

For testing purposes, you may assign:

the following dba permissions to Oracle users:
- create user tmadmin identified by tmadmin;
- grant dba to tmadmin;
the following permissions to SQL Server users:
- create login tmadmin with password = 'password';
- create user tmadmin for login tmadmin;
- exec sp_addrolemember 'db_ddladmin','db_datawriter','db_datareader', 'tmadmin'

However, depending on your organization’s security policies, you may want the database users to operate with a subset of these privileges that allow only the actions described above. The exact permission will depend on your policies and the schema you decide to use.

Before committing yourself to one approach, consider the three-user model for token vault users that is described below:

If the correct permissions are not assigned, the ability to create and modify tables will be impaired. Depending on which permissions were missing, tables may not be created, or tables may not be updated. If these scenarios arise, you will have to remove the tables directly from the database, assign the correct permissions, and reconfigure the token vault.

On this page

CT-V

© Copyright 2019-2024, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Support Contacts
- Text Conventions
Legal

© Copyright 2019-2024, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com