Oracle Data Redaction Type
Published by : Obay Salah , November 20, 2024
Redaction Types (Function Type):
Full Data Redaction:
Performs a full Redact of the contents of the specified column in the table or View.
It is activated through the setting.
function_type => DBMS_REDACT.FULL
Full Data Redaction is the default setting when redacting columns.
You can use the procedure DBMS_REDACT.UPDATE_FULL_REDACTION_VALUES to change the Full Redaction to other values.
You can also find the current values through the query REDACTION_VALUES_FOR_TYPE_FULL.
By default, the output is displayed as follows:
- Character data types: The output text is a single blank space.
- Number data types: The output text is a zero (0).
- Date-time data types: The output text is set to the first day of January, 2001, which appears as 01-JAN-2001.
function_type => DBMS_REDACT.PARTIAL
The function_parameters variable is used to define how the redaction is applied.
The output of this type of redaction, Partial Redaction, will be when the value is 123456789, and the following expression is used:
function_parameters => '9,1,5' results in 999994321
Regular Expressions:
This type performs a Redact on a specific part of the column's data based on the data you want to redact. The column data can vary in length. For example, if you want to redact the part of the email address before the domain, such as if the email is Obay@gmail.com, the data will be displayed as (redacted@gmail.com) after redaction.
To enable this type of redaction, you use the procedure DBMS_REDACT.ADD_POLICY or DBMS_REDACT.ALTER_POLICY.
DBMS_REDACT.ADD_POLICY ) object_schema IN VARCHAR2 := NULL, object_name IN VARCHAR2, column_name IN VARCHAR2 := NULL, policy_name IN VARCHAR2, function_type IN BINARY_INTEGER := NULL, expression IN VARCHAR2, enable IN BOOLEAN := TRUE, regexp_pattern IN VARCHAR2 := NULL, regexp_replace_string IN VARCHAR2 := NULL, regexp_position IN BINARY_INTEGER := 1, regexp_occurrence IN BINARY_INTEGER := 0, regexp_match_parameter IN VARCHAR2 := NULL );
Redaction Using Null Values:
With this type, you can create an Oracle Data Redaction Policy that redacts the column data by replacing it with the null value.
This type allows you to use the function DBMS_REDACT.NULLIFY to hide all sensitive data in the table or View and replace it with the null value. You can use this function by utilizing the function_type variable in the procedure DBMS_REDACT.ADD_POLICY or the procedure DBMS_REDACT.ALTER_POLICY as follows:
function_type => DBMS_REDACT.NULLIFY
Random Data Redaction:
In random data redaction, the entire value is redacted by replacing it with a random value. The redacted value displayed in the query result set changes randomly each time the user runs the query. This type is useful in situations where you do not want it to be obvious that the data has been redacted. It works particularly well with numeric and date data types, where it is difficult to distinguish between random and real data.
function_type => DBMS_REDACT.RANDOM
Comments
no comment yet!