Solved

SSN field changer/scrambler needed

Posted on 2008-10-10
8
683 Views
Last Modified: 2013-12-18
We  have 2 oracle data bases one is for production and one is a test with the same user info in both.  we would to make some sort of script or function to scramble the ssn field on our test database.  thanks for your help let me know if you have any questions.
0
Comment
Question by:nelslarson
  • 5
  • 3
8 Comments
 
LVL 73

Expert Comment

by:sdstuber
ID: 22691897
does the end result have to be a different ssn?  or can it be any number at all?  does it have to be a number?

are the ssn's  stored as numbers?  or as strings in 123-45-6789  format?  
0
 
LVL 1

Author Comment

by:nelslarson
ID: 22776499
Its a text field in the format of 123456789 it needs to be nine digits
0
 
LVL 73

Expert Comment

by:sdstuber
ID: 22777891
A simple one is to merely do a rotation.


CREATE OR REPLACE FUNCTION obfuscate_ssn(p_ssn IN INTEGER, p_seed IN VARCHAR2)
    RETURN VARCHAR2
IS
BEGIN
    RETURN TO_CHAR(MOD(p_ssn + p_seed, 1000000000), 'fm000000000');
END obfuscate_ssn;

if you want something more random,  I recommend creating a translation table.
then do a lookup.  generating a random cycle on the fly and iterating through it for each number will be very slow.
0
 
LVL 1

Author Comment

by:nelslarson
ID: 22778002
so wouldit be like this 123456789 converted into 987654321
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 73

Expert Comment

by:sdstuber
ID: 22778340
you could do a reversal too, yes.

that would work for all ssn's that aren't palindromes.  222454222

the obfuscate_ssn would generate different values depending on your seed.

you would pick a single seed (in which case you could remove the parameter and put it in as a constant)

and use it for all the ssn's.


you could include a reversal too if you wanted


CREATE OR REPLACE FUNCTION obfuscate_ssn(p_ssn IN INTEGER, p_seed IN VARCHAR2)
    RETURN VARCHAR2
IS
    v_temp     VARCHAR2(9) := TO_CHAR(MOD(p_ssn + p_seed, 1000000000), 'fm000000000');
    v_result   VARCHAR2(9) := NULL;
BEGIN
    FOR i IN 1 .. 9
    LOOP
        v_result   := v_result || SUBSTR(v_temp, 10 - i, 1);
    END LOOP;

    RETURN v_result;
END obfuscate_ssn;

0
 
LVL 1

Author Comment

by:nelslarson
ID: 22778358
so the rotation solution if a ssn was 123456789 what would the it change the field to ?
0
 
LVL 73

Accepted Solution

by:
sdstuber earned 500 total points
ID: 22778435
depends on your seed, all you have to do is try it

SELECT   obfuscate_ssn(123456789, 0),
         obfuscate_ssn(123456789, 1),
         obfuscate_ssn(123456789, 20),
         obfuscate_ssn(123456789, 198746385)
  FROM   DUAL;


with the original function
 

 you'll get 

123456789   123456790  123456809   322203174
 
 

with the second version...
 
 

you'll get
 

987654321  097654321  908654321  471302223

Open in new window

0
 
LVL 73

Expert Comment

by:sdstuber
ID: 22778572
if you want to make it harder to decipher what the rotation seed is, you can call it multiple times.
note, the p_seed should have been declared as a number in all examples above,  I've corrected it here...

also note, if anyone knows the obfuscation algorithm, simple trial and error will decipher the correct seed.  even with repeated calls.  The recursive method below doesn't really make it more secure, it just makes it less "human-eye" decipherable.


CREATE OR REPLACE FUNCTION obfuscate_ssn(p_ssn IN INTEGER, p_seed IN NUMBER)
    RETURN VARCHAR2
IS
    v_temp     VARCHAR2(9) := TO_CHAR(MOD(p_ssn + p_seed, 1000000000), 'fm000000000');
    v_result   VARCHAR2(9) := NULL;
BEGIN
    FOR i IN 1 .. 9
    LOOP
        v_result   := v_result || SUBSTR(v_temp, 10 - i, 1);
    END LOOP;

    IF p_seed > 2
    THEN
        v_result   := obfuscate_ssn(v_result, FLOOR(p_seed / 2));
    END IF;

    RETURN v_result;
END obfuscate_ssn;
SELECT   obfuscate_ssn(123456789, 0),

         obfuscate_ssn(123456789, 1),

         obfuscate_ssn(123456789, 20),

         obfuscate_ssn(123456789, 198746385)

  FROM   DUAL;
 
 

987654321  097654321  333456814  503620388

Open in new window

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Subquery in Oracle: Sub queries are one of advance queries in oracle. Types of advance queries: •      Sub Queries •      Hierarchical Queries •      Set Operators Sub queries are know as the query called from another query or another subquery. It can …
Truncate is a DDL Command where as Delete is a DML Command. Both will delete data from table, but what is the difference between these below statements truncate table <table_name> ?? delete from <table_name> ?? The first command cannot be …
This video shows how to Export data from an Oracle database using the Original Export Utility.  The corresponding Import utility, which works the same way is referenced, but not demonstrated.
This video shows how to configure and send email from and Oracle database using both UTL_SMTP and UTL_MAIL, as well as comparing UTL_SMTP to a manual SMTP conversation with a mail server.

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now