RE: Oracle Advanced Security and Redaction
- From: "Powell, Mark" <mark.powell2@xxxxxxx>
- To: "oracle-l@xxxxxxxxxxxxx" <oracle-l@xxxxxxxxxxxxx>
- Date: Thu, 10 Mar 2016 15:40:46 +0000
In other words, once mechanisms for encryption (data at-rest and
data-inflight) and/or redaction are implemented, is personally-identifiable
information ("PII") protected across the board? <<
No, you still need to properly apply normal object security privileges, roles,
views, RLS, and VPD as needed.
From: oracle-l-bounce@xxxxxxxxxxxxx [
mailto:oracle-l-bounce@xxxxxxxxxxxxx] On ;
Behalf Of Tim Gorman
Sent: Thursday, March 10, 2016 9:38 AM
To: rob@xxxxxxxxxxxxxxxx; oracle-l@xxxxxxxxxxxxx
Subject: Re: Oracle Advanced Security and Redaction
Are encryption and redaction enough to protect the full life-cycle of
environments (i.e. prod, dev, test, train, patch, etc), or just production
environments?
In other words, once mechanisms for encryption (data at-rest and data-inflight)
and/or redaction are implemented, is personally-identifiable information
("PII") protected across the board?
On 3/10/16 06:51, rob@xxxxxxxxxxxxxxxx<
mailto:rob@xxxxxxxxxxxxxxxx> wrote:
And from my Reading, it appears you need OAS to use redaction. -Rob
Oracle Advanced Security
Oracle Advanced Security helps you protect sensitive information and comply
with various privacy and compliance regulations including breach notification
laws and the Payment Card Industry Data Security Standard (PCI-DSS) by enabling
encryption inside the database that is transparent to applications and enabling
redaction of sensitive data before it leaves the database.
Oracle Advanced Security provides two primary security features: Transparent
Data Encryption and Data Redaction. Data Redaction is new in Oracle Advanced
Security with the release of Oracle Database 12c and provides the ability to
redact sensitive information such as credit card data and social security
numbers before the information leaves the database and is displayed by
applications. Transparent Data Encryption provides encryption of data stored in
the database, exported from the database using DataPump, or disk-based backups
using Oracle RMAN.
===================================
Robert P. Lockard Oracle ACE
Winner of the 2015 Oracle Developers Choice Award for Database Design
President Oraclewizard.com, Inc.
"When given the choice between two evils, I always take the one I have not
tried." Mae West
(cell) 571.276.4790
(office) 410.766.6960
(fax) 410.766.0332
twitter @navonpilot
youtube
https://www.youtube.com/user/n4281k
blog:
http://www.oraclewizard.com
-----Original Message-----
From: Hans Forbrich [
mailto:fuzzy.graybeard@xxxxxxxxx]
Sent: Thursday, March 10, 2016 08:41 AM
To: oracle-l@xxxxxxxxxxxxx<
mailto:oracle-l@xxxxxxxxxxxxx>
Subject: Re: The issue about using wireshark to dissect Oracle TNS protocol
packet
Side note: do you know that Encrypted SQL*Net does not require an extra license?
From
http://docs.oracle.com/database/121/DBLIC/options.htm#DBLIC143 we read ;
"Network encryption (native network encryption and SSL/TLS) and strong
authentication services (Kerberos, PKI, and RADIUS) are no longer part of
Oracle Advanced Security and are available in all licensed editions of all
supported releases of the Oracle database."
A discuiion on how to accomlish this is at
https://docs.oracle.com/cd/B28359_01/server.111/b28337/tdpsg_network_secure.htm#CHDHFHIE
/Hans
Other related posts: