Data Redaction option is a part of Oracle Advanced Security. Oracle Advanced Security ( OAS ) can be used after Oracle 22.214.171.124 version and it is a licensed product. You do not need to make any special installation to use Oracle Advanced Security. Just there are some database codes ( packages) to use OAS options. In this note and the following notes I will show you can use Data Redaction option of OAS . First let’s me explain what is Data Redaction and where you can use it.
Data Redaction can bu used for masking sensitive data by using special security policies. Data is masked at the database level and can not be seen on the network as well. The important point is; you do not need to change your applications to mask data. Data is masked for only special logins which are defined by security policies. Applications can reach data as usual. Data can be seen from applications. Especially ; This product is used to hide the data when connected from ad-hoc query tools ( like SQLPlus or TOAD ).
With the Data Redaction option, we use one of the following methods to hide data.
Full Redaction : The table columns are completely masked.
numeric columns become 0 and varchar columns become a space character.
Partial Redaction : Only a certain part of the a column is redacted.
For example, a part of the column is masked with ‘*’ character
Regular Expressions: It is used to mask a specific part of the data for character columns of different sizes
Random Redaction: Depending on the type of colon, the data is redacted randomly.
No Redaction : In this type of redaction, there is no change in the data. This redaction is used to test the effect of the redaction on the database performance.
Now I gave a brief introduction on the Data Redaction. On the following notes ; we will work on all these redaction types with examples.