5 Considerations for Oracle Data Redaction

Oracle provides these guidelines for using Oracle Data Redaction securely.

• Oracle Data Redaction General Security Guidelines
  It is important to understand the general security guidelines for using Oracle Data Redaction.
• Restriction of Administrative Access to Oracle Data Redaction Policies
  You can restrict the list of users who can create, view, and edit Data Redaction policies.
• How Oracle Data Redaction Affects the SYS, SYSTEM, and Default Schemas
  Both users SYS and SYSTEM automatically have the EXEMPT REDACTION POLICY privilege.
• Policy Expressions That Use SYS_CONTEXT Attributes
  Be careful when writing a policy expression that depends on a SYS_CONTEXT attribute that is populated by an application.
• Oracle Data Redaction Policies on Materialized Views
  You can create Oracle Data Redaction policies on materialized views and on their base tables.
• Oracle Data Redaction and Object Dependencies
  Objects with dependencies will get recompiled, but you can proactively recompile them yourself.
• Oracle Data Redaction and Cursor Expression Queries on Columns Protected by Data Redaction Policies
  Cursor expression queries that include the UNION clause between SQL statements selecting columns that are protected by Oracle Data Redaction policies may return fewer rows.
• Redaction Results of a SQL Expression When Using Multiple Columns With Different Policy Expressions
  When a SQL expression uses multiple columns that have different policy expressions applied, the SQL expression is evaluated first and the result of the SQL expression is redacted if the user does not have the EXEMPT REDACTION POLICY privilege and if any of the policy expressions evaluates to TRUE.