Running CipherTrust Vaulted Tokenization Bulk Utility
CT-V Bulk Utility is launched from the command line of any supported platform. Navigate to the installed location of CT-V and call the appropriate command for the operating system. Increase the Java Heap Size as per your requirement before running the utility to get the desired performance.
The following examples show the syntax for the command to be executed for tokenization:
For Bulk Tokenization Using Token Vault
java -cp SafeNetTokenService-8.12.4.000.jar com.safenet.token.migration.main migration.properties -t
OR
java -cp SafeNetTokenService-8.12.4.000.jar com.safenet.token.migration.main migration.properties –t DSU=NAE_User1 DSP=qwerty12345 DBU=DB_User1 DBP=abcd1234
For Bulk Detokenization Using Token Vault
java -cp SafeNetTokenService-8.12.4.000.jar com.safenet.token.migration.main detokenization.properties -d
OR
java -cp SafeNetTokenService-8.12.4.000.jar com.safenet.token.migration.main detokenization.properties –d DSU=NAE_User1 DSP=qwerty12345 DBU=DB_User1 DBP=abcd1234
For Bulk Masking Without Token Vault:
File-to-file masking
java -cp SafeNetTokenService-8.12.4.000.jar com.safenet.token.migration.main configfile-path -ftf
OR
java -cp SafeNetTokenService-8.12.4.000.jar com.safenet.token.migration.main configfile-path -ftf DSU=NAE_User1 DSP=qwerty12345
DB-to-DB masking
java -cp SafeNetTokenService-8.12.4.000.jar com.safenet.token.migration.main configfile-path -dtd
OR
java -cp SafeNetTokenService-8.12.4.000.jar com.safenet.token.migration.main configfile-path -dtd DSU=NAE_User1 DSP=qwerty12345 SDBU=Source_DB_User SDBP=Source_DB_Password DDBU=Destination_DB_User DDBP=Destination_DB_Password maskingDisabled=false truncateDestination=false
Note
For Database-to-Database bulk tokenization, the name and structure of source and destination tables must be same.
The following are the usage options available for CT-V Bulk Utility:
-t
- Specifies the tokenization operation using token vault.-d
- Specifies the detokenization operation using token vault.-ftf
- Specifies the File-to-File tokenization operation without token vault.-dtd
- Specifies the Database-to-Database tokenization operation without token vault.DSU
- Specifies Key Manager user name.DSP
- Specifies Key Manager password.DBU
- Specifies database user name.DBP
- Specifies database password.SDBU
- Specifies the source database user.SDBP
- Specifies the source database password.DDBU
- Specifies the destination database user.DDBP
- Specifies the destination database password.maskingDisabled
- When this flag is set to true, the masking is disabled and the records get copied to the destination database table. When this flag is set to false, the masking is enabled and the masked values are inserted into the destination database table. Even if this flag is not specified in the command, it is considered as false by default.truncateDestination
- When this flag is set to true, the existing records in the destination database table will be truncated. Even if this flag is not specified in the command, it is considered as false by default. This parameter must be set to true when masking tables with foreign-key relationship.Note
DBU and DBP are not required for
-ftf
and-dtd
operations.Bulk Utility with masking does not support custom formats for
-ftf
and-dtd
operations.
While performing migration and detokenization operation in Bulk Utility, you can use obfuscated password or obfuscated credentials wherever required. The password obfuscation allows the user to use the obfuscated passwords, whereas the credential obfuscation allows the user to use obfuscated Key Manager and database credentials.
To use the obfuscated password or obfuscated credentials, you must set the PasswordObfuscation
or the CredentialObfuscation
parameter to true in the SafeNetToken.properties
file and in the Bulk Utility configuration files (migration.properties
or detokenization.properties
).
Note
By default, the PasswordObfuscation
parameter and CredentialObfuscation
parameter are disabled.