My understanding is that the XBridge product was successful at this 
technically. CA has a new product in this area that is successful technically. 
(By "technically" I mean that the technology is successful in recognizing 
credit card numbers, SSNs, and so forth. There is more pattern to a credit card 
number than just "16 numeric digits.")

These products address files and datasets, but the same pattern recognition 
would apply to dumps.

The problem as I see it -- after taking several sessions at SHARE on data 
privacy -- is that the definition of "personal information" is endlessly 
elastic. Read "What constitutes personal data?" on 
http://www.eugdpr.org/gdpr-faqs.html. 

And by the way, if you are in the US and think that the GDPR is a Europe-only 
thing, read "Who does the GDPR affect?" and "What are the penalties for 
non-compliance?" on the same page. Also note the countdown clock on their home 
page!

Charles


-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Paul Gilmartin
Sent: Friday, August 11, 2017 11:23 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Scrubbing sensitive data in dumps

On Fri, 11 Aug 2017 17:09:10 -0400, Jim Mulder wrote:
>
>  We did have a meeting in z/OS development quite a few years ago to  
>discuss someone's wish for this type of function for z/OS dumps.  We 
>concluded that in general, identifying the sensitive data to be 
>modified would be so problematic that it was not worth pursuing.
> 
This is reminiscent of a question posed (here?) (years?) ago concerning 
detecting credit card numbers in data sets, with the objective of obfuscating 
them.

OK.  Any 16 numeric digits, or packed, or 64-bit binary in range, or ...
Validate check digit?

Same answer.

Or SSNs.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Reply via email to