This article demonstrates a number of the enhancements to Data Redaction in Oracle Database 12c Release 2 (12.2).
1234567891011121314151617181920212223242526272829303132333435363738394041424344454647
CONN / AS SYSDBA
ALTER SESSION SET CONTAINER = pdb1;
GRANT EXECUTE ON sys.dbms_redact TO test;
CONN test/test@pdb1
DROP TABLE payment_details PURGE;
CREATE TABLE payment_details (
id NUMBER NOT NULL,
customer_id NUMBER NOT NULL,
card_no NUMBER NOT NULL,
card_string VARCHAR2(19) NOT NULL,
expiry_date DATE NOT NULL,
sec_code NUMBER NOT NULL,
valid_date DATE,
CONSTRAINT payment_details_pk PRIMARY KEY (id)
);
INSERT INTO payment_details VALUES (1, 4000, 1234123412341234, '1234-1234-1234-1234', TRUNC(ADD_MONTHS(SYSDATE,12)), 123, NULL);
INSERT INTO payment_details VALUES (2, 4001, 2345234523452345, '2345-2345-2345-2345', TRUNC(ADD_MONTHS(SYSDATE,12)), 234, NULL);
INSERT INTO payment_details VALUES (3, 4002, 3456345634563456, '3456-3456-3456-3456', TRUNC(ADD_MONTHS(SYSDATE,12)), 345, NULL);
INSERT INTO payment_details VALUES (4, 4003, 4567456745674567, '4567-4567-4567-4567', TRUNC(ADD_MONTHS(SYSDATE,12)), 456, NULL);
INSERT INTO payment_details VALUES (5, 4004, 5678567856785678, '5678-5678-5678-5678', TRUNC(ADD_MONTHS(SYSDATE,12)), 567, NULL);
COMMIT;
ALTER SESSION SET nls_date_format='DD-MON-YYYY';
COLUMN card_no FORMAT 9999999999999999
SET LINESIZE 100
SELECT *
FROM payment_details
ORDER BY id;
ID CUSTOMER_ID CARD_NO CARD_STRING EXPIRY_DATE SEC_CODE VALID_DATE
---------- ----------- ----------------- ------------------- ----------- ---------- -----------
1 4000 1234123412341234 1234-1234-1234-1234 28-OCT-2015 123
2 4001 2345234523452345 2345-2345-2345-2345 28-OCT-2015 234
3 4002 3456345634563456 3456-3456-3456-3456 28-OCT-2015 345
4 4003 4567456745674567 4567-4567-4567-4567 28-OCT-2015 456
5 4004 5678567856785678 5678-5678-5678-5678 28-OCT-2015 567
5 rows selected.
SQL>12345678910111213141516171819202122232425262728293031323334353637383940414243444546
CONN test/test@pdb1
BEGIN
DBMS_REDACT.add_policy(
object_schema => 'test',
object_name => 'payment_details',
column_name => 'card_no',
policy_name => 'redact_card_info',
function_type =>
DBMS_REDACT.nullify
,
expression => '1=1'
);
DBMS_REDACT.alter_policy (
object_schema => 'test',
object_name => 'payment_details',
policy_name => 'redact_card_info',
action => DBMS_REDACT.add_column,
column_name => 'card_string',
function_type =>
DBMS_REDACT.partial
,
function_parameters =>
DBMS_REDACT.REDACT_CCN16_F12
);
END;
/
ALTER SESSION SET nls_date_format='DD-MON-YYYY';
COLUMN card_no FORMAT 9999999999999999
SELECT *
FROM payment_details
ORDER BY id;
ID CUSTOMER_ID CARD_NO CARD_STRING EXPIRY_DATE SEC_CODE VALID_DATE
---------- ----------- ----------------- ------------------- ----------- ---------- -----------
1 4000 ****-****-****-1234 28-AUG-2018 123
2 4001 ****-****-****-2345 28-AUG-2018 234
3 4002 ****-****-****-3456 28-AUG-2018 345
4 4003 ****-****-****-4567 28-AUG-2018 456
5 4004 ****-****-****-5678 28-AUG-2018 567
SQL>123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151
COLUMN policy_name FORMAT A30
COLUMN expression FORMAT A30
SELECT policy_name,
expression
FROM redaction_policies
WHERE object_owner = 'TEST'
AND object_name = 'PAYMENT_DETAILS';
POLICY_NAME EXPRESSION
------------------------------ ------------------------------
redact_card_info 1=1
SQL>
SET LINESIZE 120
COLUMN column_name FORMAT A30
COLUMN function_parameters FORMAT A50
SELECT column_name,
function_type,
function_parameters
FROM redaction_columns
WHERE object_owner = 'TEST'
AND object_name = 'PAYMENT_DETAILS';
COLUMN_NAME FUNCTION_TYPE FUNCTION_PARAMETERS
------------------------------ --------------------------- --------------------------------------------------
CARD_NO NULLIFY REDACTION
CARD_STRING PARTIAL REDACTION VVVVFVVVVFVVVVFVVVV,VVVV-VVVV-VVVV-VVVV,*,1,12
SQL>
BEGIN
DBMS_REDACT.create_policy_expression (
policy_expression_name => 'test_redact_policy',
expression => '1=1',
policy_expression_description => 'Always redact.');
DBMS_REDACT.apply_policy_expr_to_col (
object_schema => 'test',
object_name => 'payment_details',
column_name => 'card_no',
policy_expression_name => 'test_redact_policy');
END;
/
SELECT column_name,
expression
FROM redaction_expressions
WHERE object_owner = 'TEST'
AND object_name = 'PAYMENT_DETAILS';
COLUMN_NAME EXPRESSION
------------------------------ ------------------------------
CARD_NO 1=1
SQL>
SELECT *
FROM payment_details
ORDER BY id;
ID CUSTOMER_ID CARD_NO CARD_STRING EXPIRY_DATE SEC_CODE VALID_DATE
---------- ----------- ----------------- ------------------- ----------- ---------- -----------
1 4000 ****-****-****-1234 28-AUG-2018 123
2 4001 ****-****-****-2345 28-AUG-2018 234
3 4002 ****-****-****-3456 28-AUG-2018 345
4 4003 ****-****-****-4567 28-AUG-2018 456
5 4004 ****-****-****-5678 28-AUG-2018 567
SQL>
BEGIN
DBMS_REDACT.update_policy_expression(
policy_expression_name => 'test_redact_policy',
expression => '1=0');
END;
/
SELECT *
FROM payment_details
ORDER BY id;
ID CUSTOMER_ID CARD_NO CARD_STRING EXPIRY_DATE SEC_CODE VALID_DATE
---------- ----------- ----------------- ------------------- ----------- ---------- -----------
1 4000 1234123412341234 ****-****-****-1234 28-AUG-2018 123
2 4001 2345234523452345 ****-****-****-2345 28-AUG-2018 234
3 4002 3456345634563456 ****-****-****-3456 28-AUG-2018 345
4 4003 4567456745674567 ****-****-****-4567 28-AUG-2018 456
5 4004 5678567856785678 ****-****-****-5678 28-AUG-2018 567
SQL>
COLUMN policy_name FORMAT A30
COLUMN expression FORMAT A30
SELECT policy_name,
expression
FROM redaction_policies
WHERE object_owner = 'TEST'
AND object_name = 'PAYMENT_DETAILS';
POLICY_NAME EXPRESSION
------------------------------ ------------------------------
redact_card_info 1=1
SQL>
SELECT column_name,
expression
FROM redaction_expressions
WHERE object_owner = 'TEST'
AND object_name = 'PAYMENT_DETAILS';
COLUMN_NAME EXPRESSION
------------------------------ ------------------------------
CARD_NO 1=0
SQL>
BEGIN
DBMS_REDACT.apply_policy_expr_to_col(
object_schema => 'test',
object_name => 'payment_details',
column_name => 'card_no',
policy_expression_name => null);
END;
/
SELECT *
FROM payment_details
ORDER BY id;
ID CUSTOMER_ID CARD_NO CARD_STRING EXPIRY_DATE SEC_CODE VALID_DATE
---------- ----------- ----------------- ------------------- ----------- ---------- -----------
1 4000 ****-****-****-1234 28-AUG-2018 123
2 4001 ****-****-****-2345 28-AUG-2018 234
3 4002 ****-****-****-3456 28-AUG-2018 345
4 4003 ****-****-****-4567 28-AUG-2018 456
5 4004 ****-****-****-5678 28-AUG-2018 567
SQL>
BEGIN
DBMS_REDACT.drop_policy_expression(
policy_expression_name => 'test_redact_policy');
END;
/Please to add comments
No comments yet. Be the first to comment!