data redaction feature, first introduced in Oracle 12c,
allows for the masking of sensitive data from the end-user
Prior to Oracle 12c, you had to create views to "hide"
sensitive column (pay rate, social_security_number, credit
card numbers, etc.), but in 12c and beyond you can use the
data redaction feature.
Any online user has experienced data redaction, which
amounts to the replacement of sensitive data with asterisk
list or other descriptive "masked" data.
In traditional data redaction, the data is never visible
to the end-user and it is hidden via the use of views or via
virtual private databases (VPD). Unlike views and
VPD's, the data remaining unchanged at the database level
and it is only "hidden from viewing".
Examples of data redaction include:
Credit card number:
For example, an end-user can updated a redacted data
column, but they are unable to see the previous value of the
data. Oracle data redaction uses a package called
dbms_redact, and allow for the control of the data
masking at the application layer.
The Oracle docs have an example of using the
dbms_redact for data redaction. The base
procedure is the add_policy procedure:
function_parameters => '*,1,5',
The dbms_redact policy prevents disclosure
of redacted data at many levels:
create table temp as select emp_name,
salary from employee;
ORA-28001 - Insufficient
privileges - The command referenced a redacted object.
- Data Pump Export (expdp) - Export
will not allow a redacted object to be exported.
New privileges with dbms_redact. The
following new privileges are required to bypass dbms_redact:
- exempt redaction policy
- exempt DDL redaction policy
- exempt DML redaction policy
The dbms_redact procedure introduces the
following of ORA-error messages for data redaction.
ORA-28060 - A Data Redaction policy
already exists on this column.
ORA-28061 - This
object cannot have a Data Redaction policy defined on it.
ORA-28062 - The policy expression is too long.
ORA-28063 - The policy expression is empty.
ORA-28064 - The type of redaction function is not valid.
ORA-28066 - Invalid column column
ORA-28069 - A
Data Redaction policy already exists on this object.
ORA-28073 - The column column_name has an unsupported
ORA-28074 - The field field_name of the
masking parameters is not valid
The "field" value can be any of the
See Table 119-3 and Table 119-4 for
examples of the field contents and field ordering.
ORA-28075 - The policy expression has unsupported functions
ORA-28076 - An attribute was not specified for
ORA-28077 - The attribute
specified (attribute) exceeds the maximum length
ORA-28078 - A regular expression parameter is missing or
ORA-28082 - The parameter parameter is
invalid (where the possible values are function_parameters,
column_description , policy_name and policy_description )
ORA-28085 - The input and output lengths of the
redaction do not match.
Oracle Training from Don Burleson
The best on site
training classes" are just a phone call away! You can get personalized Oracle training by Donald Burleson, right at your shop!
Burleson is the American Team
documentation was created as a support and Oracle training reference for use by our
DBA performance tuning consulting professionals.
Feel free to ask questions on our
considering using the services of an Oracle support expert should
independently investigate their credentials and experience, and not rely on
advertisements and self-proclaimed expertise. All legitimate Oracle experts
Oracle technology is changing and we
strive to update our BC Oracle support information. If you find an error
or have a suggestion for improving our content, we would appreciate your
and include the URL for the page.
Copyright © 1996 - 2020
All rights reserved by
is the registered trademark of Oracle Corporation.