Running CipherTrust Vaulted Tokenization Bulk Utility

CT-V Bulk Utility is launched from the command line of any supported platform. Navigate to the installed location of CT-V and call the appropriate command for the operating system. Increase the Java Heap Size as per your requirement before running the utility to get the desired performance.

The following examples show the syntax for the command to be executed for tokenization:

• For Bulk Tokenization Using Token Vault

  java -cp SafeNetTokenService-8.12.3.000.jar com.safenet.token.migration.main migration.properties -t
  

  OR

  java -cp SafeNetTokenService-8.12.3.000.jar com.safenet.token.migration.main migration.properties –t DSU=NAE_User1 DSP=qwerty12345 DBU=DB_User1 DBP=abcd1234
  

• For Bulk Detokenization Using Token Vault

  java -cp SafeNetTokenService-8.12.3.000.jar com.safenet.token.migration.main detokenization.properties -d
  

  OR

  java -cp SafeNetTokenService-8.12.3.000.jar com.safenet.token.migration.main detokenization.properties –d DSU=NAE_User1 DSP=qwerty12345 DBU=DB_User1 DBP=abcd1234
  

• For Bulk Masking Without Token Vault:

  • File-to-file masking

    java -cp SafeNetTokenService-8.12.3.000.jar com.safenet.token.migration.main configfile-path -ftf
    

    OR

    java -cp SafeNetTokenService-8.12.3.000.jar com.safenet.token.migration.main configfile-path -ftf DSU=NAE_User1 DSP=qwerty12345
    

  • DB-to-DB masking

    java -cp SafeNetTokenService-8.12.3.000.jar com.safenet.token.migration.main configfile-path -dtd
    

    OR

    java -cp SafeNetTokenService-8.12.3.000.jar com.safenet.token.migration.main configfile-path -dtd DSU=NAE_User1 DSP=qwerty12345 SDBU=Source_DB_User SDBP=Source_DB_Password DDBU=Destination_DB_User DDBP=Destination_DB_Password maskingDisabled=false truncateDestination=false
    

The following are the usage options available for CT-V Bulk Utility:

• -t - Specifies the tokenization operation using token vault.

• -d - Specifies the detokenization operation using token vault.

• -ftf - Specifies the File-to-File tokenization operation without token vault.

• -dtd - Specifies the Database-to-Database tokenization operation without token vault.

• DSU - Specifies Key Manager user name.

• DSP - Specifies Key Manager password.

• DBU - Specifies database user name.

• DBP - Specifies database password.

• SDBU - Specifies the source database user.

• SDBP - Specifies the source database password.

• DDBU - Specifies the destination database user.

• DDBP - Specifies the destination database password.

• maskingDisabled - When this flag is set to true, the masking is disabled and the records get copied to the destination database table. When this flag is set to false, the masking is enabled and the masked values are inserted into the destination database table. Even if this flag is not specified in the command, it is considered as false by default.

• truncateDestination - When this flag is set to true, the existing records in the destination database table will be truncated. Even if this flag is not specified in the command, it is considered as false by default. This parameter must be set to true when masking tables with foreign-key relationship.

  Note

  • DBU and DBP are not required for -ftf and -dtd operations.

  • Bulk Utility with masking does not support custom formats for -ftf and -dtd operations.

While performing migration and detokenization operation in Bulk Utility, you can use obfuscated password or obfuscated credentials wherever required. The password obfuscation allows the user to use the obfuscated passwords, whereas the credential obfuscation allows the user to use obfuscated Key Manager and database credentials.

To use the obfuscated password or obfuscated credentials, you must set the PasswordObfuscation or the CredentialObfuscation parameter to true in the SafeNetToken.properties file and in the bulk utility configuration files (migration.properties or detokenization.properties).