Data Redaction is oracle 12c feature, that provides ability to hide your sensitive data in real world.
Best example: While logging to your social site in front of your friends, you wouldn’t hesitate input password because you know while providing your password, It would look like *********. Right? Its nothing but part of security. You will experience the same with the Data Redaction in 12c, lets see how.
In this article, we’ll discuss on Introduction part, Use and benefits of data redaction in real world and scenario simulation to understand the topic.
Data Redaction enables you to change/mask/redact your real data that would be return from database queries issued by applications. Redact your real world data with the help of following types:
- Full Redaction:
With this, you can redact entire column data. Redacted value returned to the querying application depends on the data type of the column. Ex: Character data type would redact to single space or NUMBER data type would redact zero.
- Partial Redaction:
With this, Portion of the data would be redacted. For Ex: In your bank monthly statement email, Your account number might redacted in order to read only last 4 digit and rest might replace with ‘*’ or Big DOT.
- Regular Expressions:
With this, we can redact patterns of data. For Ex: We can use regular expressions to redact land line number OR Email id, those have varying character lengths.
Note: This type is only suitable with character data types.
- Random redaction:
Each time it generates random data for each application user queries. Depending upon data type of that column.
- No Redaction:
This type is available in order to test your internal operation of your already generated redacted policies, with no effect on the results fetch by application user. Useful to test policies definitions before production environment use.
When application user access data at the same time(at query execution time) oracle database redact real data and display it to user in redacted format. This feature will help you to achieve Industry rules & regulations for security purpose.
Use of Data Redaction:
Whenever you worry about your sensitive data security in order to display to nowise person. Think about data redaction. As we discussed, Redaction is nothing but masking of your real world data, Data redaction enable you to mask the data using different styles available that we discuss above.
Best real world examples:
Bank monthly statement on email OR Call center applications OR applications those are read-only.
Benefits in order to protect your data are as follows:
- Various redaction methods available.
- Best fit for those environment where data will be keep on changing.
- Easy to create data redaction policy and mange it from central location.
- Policies having wide variety of function conditions based on SYS_CONTEXT values.
These are about the data redaction introduction, its type and benefits, Kindly stay tune with my next article on Configuration of Data Redaction policies.