Skip to main content
Skip table of contents

Secure Lookup (Algorithm frameworks)

Secure Lookup is the most commonly used type of algorithm. It is easy to generate and works with different languages. When this algorithm replaces real, sensitive data with fictional data, it is possible that it will create repeating data patterns, known as “collisions.” For example, the names “Tom” and “Peter” could both be masked as “Matt”. Because names and addresses naturally recur in real data, this mimics an actual data set. However, if you want the Masking Engine to mask all data into unique outputs, you should use Character Mapping.

Starting in version 6.0.4.0, we introduced a built in Extensible Secure Lookup Algorithm Framework. The new framework uses SHA256 hashing method and allows case configurations for input and output (i.e. masked) values.

Creating a secure lookup algorithm via UI

  1. In the upper right-hand corner of the Algorithm tab, click Add Algorithm.

  2. Choose Secure Lookup Algorithm. The Create SL Algorithm pane appears.

  3. Enter an Algorithm Name.

    Info

    This MUST be unique.

  4. Enter a Description.

  5. Choose the Output (Masked) Case configuration. It is explained with the examples in the information popup window, which may be opened by clicking on the blue question sign on the above Create SL Algorithm window: 

  6. Choose the Hash Method configuration.

    • SHA256: This hash method is the default hash method for extensible secure lookup algorithms.

    • LEGACY: This hash method is used to mimic the legacy secure lookup behavior in the extensibility framework.

    • RANDOMIZE: This method replaces the input value with a random value from the lookup file. It internally uses a PRNG (pseudorandom number generator) to generate a random index with a uniform distribution (equal probability) which is subsequently used to fetch the value from the lookup file.

Since RANDOMIZE hash-method chooses a random replacement value every time, this does not maintain referential integrity and should never be used in cases where referential integrity is required. This is however useful in certain cases where masked values need to reflect a statistical distribution (ex: genders, model a population distribution, etc.)

  1. Choose the Case Sensitive Lookup configuration. If Case Sensitive Lookup box is marked then the same input of different cases will be masked to the different values. For example:

    CODE 
    Peter -> John
peter -> Andrew

    If that setting is not marked (which is a default option), then lookup would be case insensitive, for example:

    CODE 
    Peter -> John
peter -> John

  2. Specify a Lookup File. This file is a single list of values that does not require a header, every line of the Lookup File might be used as a masked value. The Lookup File must be ASCII or UTF-8 encoding compatible. The lookup file can be referenced locally or with a specified/uploaded URI. The following is sample file content:

    CODE 
    Smallville
Clarkville
Farmville
Townville
Cityname
Citytown
Towneaster

  3. When you are finished, click Save.

  4. Before you can use the algorithm in a profiling job, you must add it to a domain.

For information on creating Secure Lookup algorithms through the API, see API Calls for Creating Algorithms - Secure Lookup.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close