To determine and generate this list, you can use either of the following methods: Without TSDP, you would have to configure every redaction policy, column-level encryption configuration, and Virtual Private Database policy column by column. The policy could be to redact it, encrypt it, control access to it, audit access to it, and mask it in the audit trail. TSDP is particularly useful for government environments, in which you may have a lot of data with similar security restrictions and you must apply a policy to all of this data consistently. This helps auditors greatly by enabling them to estimate the protection for the data that the TSDP policies target. The benefits of TSDP policies are enormous: You easily can create and apply TSDP policies throughout a large organization with numerous databases. Optionally, you can export the TSDP policies for use in other databases. You can create a uniform TSDP policy for all of the data that you classify, and then modify this policy as necessary, as compliance regulations change. The TSDP policy applies at the column level of the table that you want to protect, targeting a specific column data type, such as all NUMBER data types of columns that contain credit card information. The TSDP policy then protects the sensitive data in these table columns by using either Oracle Data Redaction or Oracle Virtual Private Database settings. Examples of this type of sensitive data are credit card numbers or Social Security numbers. This feature enables you to quickly find the table columns in a database that hold sensitive data, classify this data, and then create a policy that protects this data as a whole for a given class. For more information about Oracle (NYSE:ORCL), visit sensitive data protection is a way to find and classify table columns that hold sensitive information. Oracle offers a comprehensive and fully integrated stack of cloud applications and platform services. My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts. To view full details, sign in with your My Oracle Support account.ĭon't have a My Oracle Support account? Click to get started!ġ) The first example: FULL redaction for the SAL column:Ģ) Second example: replace the SAL column with a fake value:ģ) The third example, alter the existing policy and redact the SSN column with a regular expression (regexp) mask: The use of the Data Redaction feature requires a license for the Advanced Security Option (that also covers Transparent Data Encryption). The DBMS_REDACT package is a new feature in RDBMS release 12c however it has also been made available in patchset 11.2.0.4. This document shows some examples creating Data Redaction policies using package DBMS_REDACT. Information in this document applies to any platform. Oracle Cloud Infrastructure - Database Service - Version N/A and later Oracle Database Exadata Cloud Machine - Version N/A and later Oracle Database Exadata Express Cloud Service - Version N/A and later Oracle Database Cloud Schema Service - Version N/A and later Oracle Database - Enterprise Edition - Version 11.2.0.4 to 12.1.0.1 Some examples of implementing Data Redaction using DBMS_REDACT
0 Comments
Leave a Reply. |