Page tree
Skip to end of metadata
Go to start of metadata

For project administrators only.

The element masking feature allows you to restrict which attribute element labels appear in reports, based on a masking metric/measure. A project data model and masking metric/measure must be created in a way that does not allow users to circumvent this masking restriction and reveal actual label values. The masking metric/measure is not displayed to the end user and is used only to determine which attribute element labels should be masked (replaced by a masked value).

Variables may be used in a masking metric/measure to modify masking per project or per user.

Examples:

Take the following report with the Amount metric sliced by Account:

without_masking.png

The Account is the sensitive attribute we want to mask - we will show only top five accounts according the first metric in the report:

SELECT 1 BY Account ALL OTHER HAVING (SELECT RANK(REPORT METRIC(1)) DESC BY Account ALL OTHER) <= 5

Element Masking Object

Element masking is defined using the ElementMasking MD object with the following structure:

{ "elementMasking": {
	"content": {
		"attribute": URISTRING, % sensitive attribute
		"maskingMetric": URISTRING, % metric to be used for masking
		"maskValue": STRING % used instead of actual label, if element should be masked
	},
	"meta": {
		"title": "Masking of Company name"
	}
} }


Where:

  • attribute is a sensitive attribute, whose labels should be masked (for example, Company Name)
  • maskingMetric values are used to distinguish which elements should be preserved or replaced by maskValue. 0 or NULL values leads to replacement of the actual label with maskValue
  • maskValue is a replacement value for attribute elements that should be masked


Such objects may be created by a POST request on /gdc/md/<PID>/obj resource. Use a DELETE request on the same resource for its deletion. 
To get a list of currently defined ElementMasking MD objects, use the /gdc/md/<PID>/objects/query API call with category parameter having the elementMasking value and a limit parameter with a value up to 50.

Example:

{ "elementMasking" : {
	"content" : {
		"attribute" : "/gdc/md/rzqt122wgqseilnlsy9rxqzogyy2uha0/obj/969",
		"maskingMetric" : "/gdc/md/rzqt122wgqseilnlsy9rxqzogyy2uha0/obj/75538",
		"maskValue" : "Undisclosed"
	},
	"meta" : {
		"title" : "Masking of Company name"
	}
} }

Report Computation

ElementMasking objects are collected for all attributes in a report. If such an object exists, a masking metric is appended to the report computation and masking metric values of 0 or NULL cause attribute labels to be replaced by the mask value string. The masking metric is not present in the result so that it is not visible to the user.

Additional considerations and restrictions

You can create only one element masking for one attribute - one attribute can have one element masking object at most (1 or 0)

  • There may be multiple attributes with masking applied in the same report.
  • When masking is triggered, users are not able to override values of prompts included in the masking metric (on the API level).
  • When masking is triggered, raw CSV export is disabled.
  • Masking does not currently work for Analytical Designer. (not supported)

Security

As the element masking feature is based on masking metrics and metrics in general can be modified or deleted by editors, it is required to set masking metrics permissions to Administrator only by selecting Masking measure -> Sharing & Permissions -> Only Admins can modify this metric. This is prerequisite for viewers and editors having access to the report with masked attribute. Setting the permission to administrator is required for Dashboard and Reports as well to prevent other users from accessing the masked metric. 

How to set protected attribute

You can set attributes to be protected with POST on the /gdc/md/{pid}/objects/setFlag/protected API with structure:

{ "setProtected": {
	"items": [
				“attribute1 uri”,
				“attribute2 uri”
} }

You can remove protected property from attribute with POST on the /gdc/md/{pid}/objects/unsetFlag/protected API with structure

{ "unsetProtected": {
	"items": [
				“attribute1 uri”,
				“attribute2 uri”
} }

How to Lock Reports and Dashboards


Reports

Steps:

In the Reports tab:

  1. Select the report.
  2. Select options>settings.
  3. Select 'Only Admins can modify this report'.

Dashboards:

Steps:

In the Dashboards tab:

  1. Click options.
  2. Select Sharing & Permissions.
  3. Select “Only Admins can modify this dashboard“.

This will also lock all reports and metrics used on dashboard.

Example with Masking and Protected Attributes

A project with an Account attribute must be securely masked.
You set up Element Masking on this attribute and you set masking metric permission to “Only Admins can modify this metric”.
You can then create metrics, reports and put them on dashboards. You can set dashboards, reports and metrics permissions to “Only Admins can modify this dashboard/report/metric.” The padlock symbol appears above the dashboard, the report and next to all used metrics.
You set Account attribute to protected.
Users are able to create custom ad-hoc reports, but they cannot use the Account attribute in their reports. They can see Account attribute with masked values in reports created by you and are able to use dashboard filters. They will not however be able to edit such reports nor drill into them.



  • No labels