This chapter describes how to manage data classifications and assign them to different entities like databases, schemas, tables, views, and columns.
View defined data classifications
To view or edit data classification, select "ADMINISTER" section from the main menu and select "Data classification". The list of the currently defined data classification shows up.
Typing at least two characters in the search box will result in showing data classifications that contain names matching to typed phrase.
Check "Search only root data classification" to show only data classifications which don't have a parent data classification.
Choosing type from “Select Type” drop down will result in showing data classifications with that type.
Add a data classification
Click the "ADD" button of Data classification list to bring "New data classification" screen.
NOTE: in order to add a new data classification a "Create data classification" access right is required (see Access rights).
Adding General Type data classification is a one-step wizard that requires you to fill just a couple of fields.
Parameter |
Required |
Description |
Name | Yes | New data classification name. |
Type | Yes | Data classification type. |
Parent data classification(s) | No | Selected parent data classifications. "SELECT" button brings available data classifications list. |
Definition | Yes | Describes the meaning of data classification. |
Description | No | Additional description of the data classification. |
Add alias | No | Allows multiple alternate names for the data classification. |
Adding a non-general type data classification is a four-step wizard that allows you to add roles, permissions and parameters against the data classification.
Choosing single or multiple roles will make permissions tab show up.
On clicking “Next” button permissions will show up according to the type chosen in type field in data classification detail step screen.
Once the user is done with setting up permissions for roles, he can move to next section for the selection of parameters.
Available actions:
- CANCEL - abandons changes and goes back to data classification list..
- CREATE - creates new data classification and goes back to data classification list.
Assign parent business term
Clicking the "SELECT" button in "Add data classification" wizard will bring a list of available data classifications that can be assigned to a parent Data Classifications.
List of available parent data classifications is similar to Data classification list. There are two new actions:
- Assign - assigns selected data classification as parent Data classification.
- CLEAR - removes previously assigned parent data classifications.
Clicking one of list elements will bring a Data classification details screen.
View data classification details
Clicking on data classification list element will open a screen with Data classification details.
The detail view will show details according to data classification type. In case of Generic type data classification only information for the basic type data classification is shown.
However, in case of non-generic data classification additional sections will show up.
On the top right corner are two buttons:
- EDIT - which brings edit screen for current for current data classification.
- DELETE - which deletes current data classification.
Delete operation is proceeded by additional confirmation window:
NOTE: in order to edit or delete data classifications, "Alter Data Classifications" access right is needed (see Access rights).
Nested data classifications
Data classification detail screen contains additional panel called "Nested data classifications". Under this panel is a list of data classifications for which current data classification is the parent. It also allows adding a new nested data classifications.
Add data classifications screen looks exactly like the screen for adding New data classification but it has "Parent data classification(s)" preselected.
Edit data classification
Click "EDIT" button in Data classification details screen to navigate to edit screen.
Edit screen will allow user to edit data classification detail according to data classification type.
NOTE: in order to edit data classifications, "Alter Data Classifications" access right is needed (see Access rights).
There are two actions available:
- CANCEL - abandons changes and goes back to data classification details.
- SAVE - updates data classification and goes back to data classification details.
Activating/Deactivating data classification for column
On assigned data classification screen user can activate or deactivate a column type data classification.
Click on the “Activate” button to make some data classification active. Click again to deactivate any activated data classification.
Activating a data classification will add Roles Access Rights to column with roles as defined in data classification.
And roles permissions as permissions defined in data classification.
Activating a data classification will allow us choose value for Data masking formula by assigning transformation rule to column.
Clicking on “Assign” button will show a list of transformations defined as parameters in active data classification. User can assign any transformation after verifying it by clicking on “Verify” button.
Once the transformation is verified, user can click on “Assign” button to apply transformation.
Assigned transformation will show in the Transformation rule section and the data masking formula value will be updated to the assigned transformation.
One transformation rule can be assigned to the column at a time. In order to assign some other transformation rule the assigned one should be removed.
Clicking on the transformation rule will provide user with the remove option.
Activating/Deactivating data classification for table
Click on the “Activate” button to make some data classification active. Click again to deactivate any activated data classification.
Activating a data classification will add Roles Access Rights to table with roles as defined in data classification.
And roles permissions as permissions defined in data classification.
Activating/Deactivating data classification for schema
Click on the “Activate” button to make some data classification active. Click again to deactivate any activated data classification.
Activating a data classification will add Roles Access Rights to schema with roles as defined in data classification.
And roles permissions as permissions defined in data classification.
Activating/Deactivating data classification for schema
Click on the “Activate” button to make some data classification active. Click again to deactivate any activated data classification.
Activating a data classification will add Roles Access Rights to database with roles as defined in data classification.
And roles permissions as permissions defined in data classification.
See adding data classification section for more details.