[20181018]Oracle Database 12c: Data Redaction.txt
[20181018]Oracle Database 12c: Data Redaction.txt
--//簡單測試Data Redaction.Data Redaction主要目的對敏感資訊的保護,隨著對個人隱私的保護力度以及法律的加強,
--//這方面也許越來越重要.
1.環境:
SCOTT@test01p> @ ver1
PORT_STRING VERSION BANNER CON_ID
------------------------------ -------------- -------------------------------------------------------------------------------- ----------
IBMPC/WIN_NT64-9.1.0 12.2.0.1.0 Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production 0
create table empx as select * from emp;
Avalible Redaction Methods:
Type Description
None No redaction is performed.
Full Columns are redacted to constant values based on the column data type.
Partial User-specified positions are replaced by a user-specified character.
Random Data type is preserved and different values are output each time.
Regular Expression A "match and replace" is performed based on parameters
--//具體細節還給看看文件.
SCOTT@test01p> select * from scott.empx where rownum<=3;
EMPNO ENAME JOB MGR HIREDATE SAL COMM DEPTNO
----- ---------- --------- ---------- ------------------- ---------- ---------- ----------
7369 SMITH CLERK 7902 1980-12-17 00:00:00 800 20
7499 ALLEN SALESMAN 7698 1981-02-20 00:00:00 1600 300 30
7521 WARD SALESMAN 7698 1981-02-22 00:00:00 1250 500 30
--//另外注意不能對sys和system使用者進行資料的redact。因為他們都有EXP_FULL_DATABASE這個角色,而這個角色又包含了EXEMPT
--//REDACTION POLICY系統許可權。同理,也不能直接賦予使用者dba許可權,dba自動包含EXP_FULL_DATABASE角色。
SYSTEM@test01p> revoke dba from scott;
Revoke succeeded.
2.測試:
--//define Redaction Policy,以system使用者執行:
begin
DBMS_REDACT.ADD_POLICY
(policy_name => 'EMPSAL_POLICY',
object_schema => 'SCOTT',
object_name => 'EMPX',
column_name => 'SAL',
expression => '1=1',
function_type => DBMS_REDACT.FULL);
end;
/
--//以scott使用者登入執行:
SCOTT@test01p> select * from scott.empx where rownum<=3;
EMPNO ENAME JOB MGR HIREDATE SAL COMM DEPTNO
---------- ---------- --------- ---------- ------------------- ---------- ---------- ----------
7369 SMITH CLERK 7902 1980-12-17 00:00:00 0 20
7499 ALLEN SALESMAN 7698 1981-02-20 00:00:00 0 300 30
7521 WARD SALESMAN 7698 1981-02-22 00:00:00 0 500 30
--//sal=0
--//Modifiying Redaction Policy:
begin
DBMS_REDACT.ALTER_POLICY(
policy_name => 'EMPSAL_POLICY',
object_schema => 'SCOTT',
object_name => 'EMPX',
column_name => 'SAL',
action => DBMS_REDACT.MODIFY_column,
function_type => DBMS_REDACT.partial,
function_parameters => '9,1,10'
);
end;
/
SCOTT@test01p> select * from scott.empx where rownum<=3;
EMPNO ENAME JOB MGR HIREDATE SAL COMM DEPTNO
---------- ---------- --------- ---------- ------------------- ---------- ---------- ----------
7369 SMITH CLERK 7902 1980-12-17 00:00:00 999 20
7499 ALLEN SALESMAN 7698 1981-02-20 00:00:00 9999 300 30
7521 WARD SALESMAN 7698 1981-02-22 00:00:00 9999 500 30
--//全部換成999
--//Drop a redact policy:
BEGIN
DBMS_REDACT.DROP_POLICY(
object_schema => 'SCOTT',
object_name => 'EMPX',
policy_name => 'EMPSAL_POLICY'
);
END;
/
SCOTT@test01p> select * from scott.empx where rownum<=3;
EMPNO ENAME JOB MGR HIREDATE SAL COMM DEPTNO
---------- ---------- --------- ---------- ------------------- ---------- ---------- ----------
7369 SMITH CLERK 7902 1980-12-17 00:00:00 800 20
7499 ALLEN SALESMAN 7698 1981-02-20 00:00:00 1600 300 30
7521 WARD SALESMAN 7698 1981-02-22 00:00:00 1250 500 30
3.還有許多功能,不測試了.
--//收尾.
SYSTEM@test01p> grant dba to scott;
Grant succeeded.
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/267265/viewspace-2216853/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- [20181018]12c Pluggable Database save state.txtDatabase
- Oracle 12C Database File Mapping for Oracle ASM FilesOracleDatabaseAPPASM
- ORACLE-1Z0-060題庫(Upgrade to Oracle Database 12c)OracleDatabase
- Oracle設定日誌引數-ALTER DATABASE ADD SUPPLEMENTAL LOG DATA;OracleDatabase
- 嚐鮮Oracle Database 12c的十二大新特性VKOracleDatabase
- Oracle資料庫12c最新安全工具Data RedactionFPOracle資料庫
- Oracle Database 12c RAC損壞ocr和votedisk恢復實驗OracleDatabase
- Oracle 12c DG備庫啟動報錯standby database requires recoveryOracleDatabaseUI
- ORACLE database vaultOracleDatabase
- Oracle clone databaseOracleDatabase
- Oracle Database Cloud - Database as a Service Quick StartOracleDatabaseCloudUI
- [20181009]12C FULL DATABASE CACHING.txtDatabase
- Oracle Database Scheduler整理OracleDatabase
- Oracle Physical Database LimitsOracleDatabaseMIT
- Oracle 12.2 使用Database Link優化Standby Database WorkloadOracleDatabase優化
- Oracle 12c Automatic ReoptimizationOracle
- Oracle 12C安裝Oracle
- Oracle 19c Concepts(01):Introduction to Oracle DatabaseOracleDatabase
- Oracle 19c Concepts(13):Oracle Database InstanceOracleDatabase
- Oracle OCP(35):Database 安裝OracleDatabase
- oracle 10g flashback databaseOracle 10gDatabase
- Oracle DG Standby Database型別OracleDatabase型別
- Oracle DG建立Physical Standby DatabaseOracleDatabase
- Oracle DG建立Logical Standby DatabaseOracleDatabase
- Oracle data link建立Oracle
- Oracle 12c升級指南Oracle
- 12C Oracle ASM Filter DriverOracleASMFilter
- Oracle 12C Statistics on Column GroupsOracle
- sysbench壓測Oracle 12COracle
- benchmark 壓測Oracle 12cOracle
- Oracle OCP(38):Database 物理結構OracleDatabase
- 關於Oracle Database Vault介紹OracleDatabase
- Scheduler in Oracle Database 10g(轉)OracleDatabase
- [翻譯]-Detect And Repair Corruption in an Oracle DatabaseAIOracleDatabase
- Oracle 19c Database Management ToolsOracleDatabase
- 4.1.6 Oracle Restart 與 Oracle Data Guard 整合OracleREST
- Oracle 19c Concepts(00):Changes in This Release for Oracle Database ConceptsOracleDatabase
- 【Oracle】Windows安裝oracle11gR1 database 11.1.0.6OracleWindowsDatabase