Masking.properties File
Masking.properties file explains all the parameters required to run the CT-V Bulk Utility for tokenization of plaintext in File-to-File and Database-to-Database operation without using token vault. It allows the user to configure the input source and output destination.
For MSSQL, the user is required to have permissions on the system tables, such as sys.columns, sys.types, sys.index_columns and sys.indexes for DB-to-DB operations. Also, if the source database contains any empty string (“) in any cell, it will be converted to NULL while writing it in the destination database table.
TokenProperty and customTokenProperty are not supported in bulk masking.
Below is a sample parameters file that can be used as a template:
###############################################################################
# CipherTrust Vaulted Tokenization Bulk Masking Configuration
#
# To run masking use the following command
#
# java com.safenet.token.migration.main config-file-path -ftf
# or
# java com.safenet.token.migration.main config-file-path -dtd
# Here -ftf is for File-to-File and -dtd is for DB-to-DB.
# In case the option is -dtd, the system prompts for source and destination
# database user name and password.
#
# Note: This is a sample file and needs to be customized to your specific
# environment.
#
###############################################################################
#####################
# Input Configuration for File-to-File
# Input.FilePath
# Input.Type
#####################
#
# Input.FilePath
# [Mandatory for File-to-File tokenization]
# Full path to the input file
#
Input.FilePath = C:\\Desktop\\migration\\customerTable.csv
#
# Input.Type
# [Mandatory]
# Format of the input file
#
# Valid values
# Delimited
# Positional
#
Input.Type = Delimited
Note: Mandatory for File-to-File tokenization.
###############################
# Delimited Input Configuration
# Input.EscapeCharacter
# Input.QuoteCharacter
# Input.ColumnDelimiter
# [Optional]
###############################
#
# Input.EscapeCharacter
#
# Specifies a character that is used to 'escape' special characters that
# alter input processing
#
# Note: This parameter is ignored if Input.Type is set to Positional
#
Input.EscapeCharacter = \\
#
# Input.QuoteCharacter
#
# Specifies a character that is used around character sequences that contain
# delimiter characters and are to be treated as a single column value
#
# Note: This parameter is ignored if Input.Type is set to Positional
#
Input.QuoteCharacter = "
#
# Input.ColumnDelimiter
#
# Specifies a character that separates columns in the input file
#
# Note: This parameter is ignored if Input.Type is set to Positional
#
Input.ColumnDelimiter = ,
Note: Delimited Input Configuration is optional for File-to-File tokenization.
################################
# Positional Input Configuration
# Input.Column0.Start
# Input.Column0.End
# ...
# Input.ColumnN.Start
# Input.ColumnN.End
################################
#
# Input.ColumnN.Start
# [Optional for File-to-File tokenization]
# Specifies zero-based position where the value starts. The character in the
# specified position is included in the column value. This value must be
# specified for every column in the input file which has to be processed
# or passed-through and included in the output file.
#
# Note: This parameter is ignored if Input.Type is set to Delimited
Input.Column0.Start =
#
# Input.ColumnN.End
# [Optional for File-to-File tokenization]
# Specifies zero-based position where the value ends. The character in the
# specified position is included in the column value. This value must be
# specified for every column in the input file which has to be processed
# or passed-through and included in the output file.
#
# Note: This parameter is ignored if Input.Type is set to Delimited
# Input.Column0.End =
######################
# Output Configuration for File-to-File
# Output.FilePath
# Output.Sequence
######################
#
# Output.FilePath
#
# Specifies full path to the output file
#
Output.FilePath = C:\\Desktop\\migration\\customerTable_masking.csv
#
# Output.Sequence
#
# Specifies sequence of the input columns in which they are written to the
# output file. Each column in the input file that has to appear in the
# output file has to have its column index specified in the output sequence.
# For each column in the input file, the sequence number can be either positive
# or negative. Positive sequence number indicates that the tokenized value is
# written to the output file, if the column was tokenized. Negative sequence number
# indicates that the original value from the input file is written to the output
# file. For columns that are not tokenized (pass-through columns) specifying
# positive or negative number has the same effect.
# Column indexes are separated by , character.
#
Output.Sequence = 0,-1,-2,-3,-4,5,6
###############################
# Source Database Configuration for DB-to-DB
# Source.HostName
# Source.PortNumber
# Source.DatabaseType
# Source.DatabaseName
###############################
Note: Mandatory for DB-to-DB tokenization. Also, name and structure of source and destination
database tables must be same.
#
# Source.HostName
#
# Specifies the IP address of the database server from which, the
# CipherTrust Vaulted Tokenization
# Bulk Utility to read the plain values to be masked.
Source.HostName =
#
# Source.PortNumber
#
# Specifies the port number of the database server.
Source.PortNumber =
#
# Source.DatabaseType
#
# Specifies the database type to connect.
Source.DatabaseType =
#
# Source.DatabaseName
#
# Specifies the database name of the server.
Source.DatabaseName =
#####################
# Destination Database Configuration for DB-to-DB
# Destination.HostName
# Destination.PortNumber
# Destination.DatabaseType
# Destination.DatabaseName
#####################
Note: Mandatory for DB-to-DB tokenization. Also, source and destination database tables should
have the same name and table structure.
#
# Destination.HostName
#
# Specifies the IP address of the destination database to which tokens are to be
# written.
Destination.HostName =
#
# Destination.PortNumber
#
# Specifies the port number of the destination database.
Destination.PortNumber =
#
# Destination.DatabaseType
#
# Specifies the type of the destination database to connect.
Destination.DatabaseType =
#
# Destination.DatabaseName
#
# Specifies the destination database name.
Destination.DatabaseName =
###########################################
# Masking Configuration for File-to-File
# Mask.Column0.TokenFormat
# Mask.Column0.StartToken
# Mask.Column0.LuhnCheck
# Mask.Column0.InputDataLength
# ...
# Mask.ColumnN.TokenFormat
# Mask.ColumnN.StartToken
# Mask.ColumnN.LuhnCheck
# Mask.ColumnN.InputDataLength
# [Mandatory]
############################################
#
# Mask.ColumnN.TokenFormat
#
# Specifies token format that will be used to mask this column. If the
# column does not need to be masked, do not specify this parameter. If
# this parameter is specified, all other masking parameters for the
# same column must also be specified.
# Token format may be specified using format name for built-in formats,
# or format identifier for built-in formats. It is recommended
# to use format names for built-in formats, as documented in the CipherTrust Vaulted Tokenization
# User Guide.
#
# Valid values
# <string>
# <number>
#
# <string> - is the name of a built-in token format, such as LAST_FOUR_TOKEN
# For complete list of supported token formats, refer to
# CipherTrust Vaulted Tokenization
# User Guide.
#
# <number> - is the format identifier (between 101 and 999) returned by
# TokenService.createNewFormat API.
Mask.Column5.TokenFormat = RANDOM_TOKEN
Mask.Column6.TokenFormat = EMAIL_ADDRESS_TOKEN
#
# Mask.ColumnN.LuhnCheck
#
# Specifies whether the generated token will pass or fail luhn check. If the
# column does not need to be masked, don't specify this parameter.
# Valid values
# true
# false
Mask.Column5.LuhnCheck = false
Mask.Column6.LuhnCheck = false
#
# Mask.ColumnN.StartToken
#
#
Specifies the start token when the TokenFormat is SEQUENTIAL_TOKEN.
Mask.Column0.StartToken =
#
# Mask.ColumnN.InputDataLength
#
# Specifies the input data length required for the sequential tokens
# i.e. when TokenFormat is SEQUENTIAL_TOKEN
Mask.Column0.InputDataLength =
###########################################
# Masking Configuration for DB-to-DB
# SourceTable.<TableNameN>
# [Mandatory]
# Specifies the table name and column properties which are to be masked. The
# following format shows how the table names and column properties are passed.
#
# SourceTable.<TableName1>=[column1,format,luhnCheck,startToken,inputDataLength]:
#[column2,format,luhnCheck,startToken,inputDataLength]......
#[columnN,format,luhnCheck,startToken,inputDataLength]
# ..........
# ..........
#SourceTable.<TableNameN>=[column1,format,luhnCheck,startToken,inputDataLength]:
#[column2,format,luhnCheck,startToken,inputDataLength]......
#[columnN,format,luhnCheck,startToken,inputDataLength]
#
# Note: The columns specified here should be in same order as in database table.
#
# For SEQUENTIAL_TOKEN format either startToken or inputDataLength should be
# specified. In case both are specified, startToken will be used.
# inputDataLength specifies the input data length required for the
# sequential tokens.
#
############################################
Note: If any table specified here has parent-child foreign key relationship, then data of all the
associated tables (apart from the tables menionted in this parameter) will get copied to the
destination database tables. In such case, set the truncateDestination parameter as true.
SourceTable.<customer>=[CC_NUMBER,LAST_FOUR_TOKEN,true]:[EMAIL_ID,EMAIL_ADDRESS_ TOKEN,false]
# NonMaskingTables
# [optional]
# Specifies the list of tables which are not to be masked. The table names are
# comma spearated.
NonMaskingTables=Table4
###############################
# Multi-threading Configuration for File-to-File and DB-to-DB
# Threads.BatchSize
# Threads.TokenThreads
# Threads.PollTimeout
###############################
#
# Threads.BatchSize
#
# Specifies number of rows per batch.
#
Threads.BatchSize = 20
#
# Threads.TokenThreads
#
# Specifies number of threads that will perform tokenization of columns
# as required.
#
Threads.TokenThreads = 5
#
# Threads.PollTimeout
#
# Specifies the amount of time (in milliseconds) processing threads will
# wait for a batch on the data queue before timing out, checking for
# adminitrative commands on the management queue, and then checking for
# another batch on the data queue.
# Default value of this parameter is 100.
# Do not modify this parameter unless instructed by customer support.
#
Threads.PollTimeout = 100
#
# Logger.LogLevel
#
# Specifies the level of details displayed
#
# Valid values
# Normal
# Verbose
# [Mandatory] for both File-to-File and DB-to-DB
Logger.LogLevel = Verbose
#
# TokenSeparator
#
# Specifies if the tokens generated are space separated or not.
# Note: This parameter is ignored if Input.Type is set to Delimited.
#
# Valid values
# true
# false
# Note: Default value is set to true.
#
TokenSeparator = true
#
# StreamInputData
#
# Specifies if the input data is streamed or not.
#
# Valid values
# true
# false
# Note: Default value is set to false.
#
StreamInputData = false
Note: If StreamInputData is set to true, the TokenSeparator parameter is not considered.
#
# CodePageUsed
#
# Specifies the code page in use.
# Used with EBCDIC character set for ex. use "ibm500" for EBCDIC International
# https://docs.oracle.com/javase/7/docs/api/java/nio/charset/Charset.html
#
CodePageUsed =
Note: If no value is specified, by default, ASCII character set is used.
###############################################################################
# END
###############################################################################
