Right! Just because a sequence of bytes "could" represent a legitimate
SSN doesn't mean it is a SSN. Murphy's law guarantees that scrubbing
anything that could be interpreted as a SSN will eventually also scrub
some combination of adjacent numeric values, character strings, address
pointers or pieces of instructions, possibly essential to understanding
the problem, that just coincidentally resembles a valid SSN but isn't.
May be a low probability, but it will surely happen. If you try to
recognize and sanitize additional types of values that are less
structured, like names and addresses, the odds of false findings of
sensitive data must increase. Color me "skeptical" that any automatic
process to sanitize all sensitive data won't leave collateral damage --
it will either fail to be complete or potentially sanitize things that
should be left alone.
Whoever is tasked with interpreting a modified dump is entitled to know
the extent to which it was altered, precisely because there will always
be room for doubt whether any dump sanitizer could function with 100%
accuracy.
JC Ewing
On 08/13/2017 10:28 PM, Jim Mulder wrote:
> As someone who spends a considerable amount of time reading dumps,
> I have some requirements for anyone who uses a product like this on a dump
> and then sends the dump to IBM.
>
> 1. You must inform IBM that the dump you are sending has been modified.
>
> 2. You must supply a list of all of the modified or deleted storage
> ranges.
> This could be a report produced by the product. Or,
> the product could append SC (COMPDATA) records to the dump,
> which contain descriptions of the storage ranges which have been
> omitted or modified. The 8 character component identifier for these
>
> records would be something which starts with a 3 character prefix
> that
> IBM has assigned to the vendor.
>
> Jim Mulder z/OS Diagnosis, Design, Development, Test IBM Corp.
> Poughkeepsie NY
>
>
>> From: Thomas Loges <thomaslo...@alice-dsl.de>
>> To: IBM-MAIN@LISTSERV.UA.EDU
>> Date: 08/13/2017 11:11 PM
>> Subject: Re: Scrubbing sensitive data in dumps
>> Sent by: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU>
>>
>> Here is a link to the description of a product for log and dump
>> anonymization called SF-SafeDump:
>>
>> http://www.fedtke.com/exchange/SF_SafeDump_for_zos.pdf
>>
> ...
--
Joel C. Ewing, Bentonville, AR jcew...@acm.org
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
