Skip to main content

ANO Rules Overview

Overview

While ANO Work Tasks points to tables, ANO Rules point to columns. A Rule describes the logic of the anonymization of a specific column.

Three rule strategies

  1. mask creates new values for fields of a column using input sources
  2. randomize adds noise to the values of each field of a column
  3. Shuffle reorders values within a column, ensuring no value remains in its original place

Input sources

The input sources of a mask rule may be random value generations, columns, text files or sequences.

note

If no input source is provided, the default input source becomes the masked column. E.g. it will be equal to using the column input source and refering to itself.

Convert the input source

The input source to the anonymization rule may be converted using convert.

Output of a rule

The format of the output of a rule strategy can be formatted as needed.

transform the output

The output of the anonymization rule may be transformed using transform.

Store the Anonymization to a Mapping File

Anonymizations may be saved to a mapping file using map. This file may be encrypted using the encrypted keyword, alongside an encryption key provided to the configuration.

Handle constraints

foreign keys

To handle table dependencies during the anonymization process, such as foreign key constraints, you may want to propagate anonymizations of a primary key column to foreign key columns in other tables. Or you may want to populate a foreign key columns in child tables by using a distribution of primary key values available in parent tables.

unique keys

The unique keyword may be placed in a task rule to ensure the values stored in the database are unique. This may fail, depending on the input sources and sizes of tables. Not all input sources provide an infinite number of values. E.g. random-integer is finite while random-decimal is approximately infinite.

Custom SQL

You can write complete SQL statements into the ANO file directly using sql-before and sql-after. This is useful if specific SQL statements must be executed before or after running a specific Task Group or a specific Work Task.

If there are needs to place conditions for Work Tasks, you may also write explicit where expressions to them. These corresponds to the where clause of SQL statements.