I. Introduction
Oracle 12c introduces many new security features, such as data redaction, data masking, encrypted table spaces, etc. It also introduces a unified audit function that can record and monitor all accesses and operations to the database, improving data security.
2. Examples of security functions
1. Data Redaction:
Function Description:
This feature is used to dynamically desensitize sensitive data in query results to protect data privacy. For example, suppose you have an employees table that contains employees' social security numbers. To protect this sensitive data, the data redaction feature can be used to automatically mask these social security numbers.
-
The purpose of data red action:
- The purpose of data redaction is to dynamically desensitize sensitive data outside of application and database administrators to protect sensitive information while still allowing authorized users to view the data.
-
How the data red action works:
- Before the query results are returned to the user, the data red action desensitizes the sensitive data in the specified fields.
- Masking rules can be customized as needed, such as replacing the first few digits of a credit card number with asterisks, displaying only the last four digits of a phone number, or hiding the data entirely.
-
Configuration and management of data red actions:
- Use
DBMS_REDACT.ADD_POLICY
procedures to create data red action strategies. <
- Use