We are discussing the management of Oracle Database 12c in Oracle Enterprise Manager 12c. In our previous blog post on this topic, we looked at how user administration is performed for a 12c Database using Enterprise Manager, such as the creation of a common user for the CDB$ROOT.
Let us talk now about the capability of Oracle Data Redaction. This is a new Oracle Database 12c feature, which camouflages data on the fly when being displayed. It is a feature of Oracle Advanced Security i.e. it is licensed via theAdvanced Security Option (ASO).
Login to Enterprise Manager 12c Cloud Control, and open the (12c) Database target menu. From this menu, selectAdministration.. Security.. Oracle Data Redaction as seen above. This opens the Data Redaction page displayed in the following screenshot.
There are no Data Redaction Policies currently in this database. Click on “Create” to formulate a new policy. The Create Data Redaction Policy page appears.
Name the Data Redaction Policy as “SAL_POLICY” (any appropriate name), and select the schema as HR and table as EMPLOYEES, and also the policy expression. Here we have used 1=1 signifying that all rows will be used.
Note that the HR user was previously created in the PDB3 Pluggable database.
You can now add an Object column to the policy, by clicking on the “Add” button.
Select the Salary column and a Redaction template. Full Redaction will redact (hide) all the data in the column, i.e. the entire Salary figure will be hidden. Since it is a Numeric column, it will be redacted with a Zero.
We will continue setting up Data Redaction via Enterprise Manager, in the next blog post. The Redaction policy will also be verified by a login test to the database.
This blog post was originally posted at this link.
No comments:
Post a Comment