23.4 Data Redaction

OFSAA is enhanced to enable masking of sensitive data and Personal Identification Information (PII) to adhere to Regulations and Privacy Policies. Oracle Data Redaction provides selective, on-the-fly redaction of sensitive data in database query results prior to display by applications so that unauthorized users cannot view the sensitive data. The stored data remains unaltered, while displayed data is transformed to a pattern that does not contain any identifiable information.

Enabling Data Redaction in case of Upgrade

This section details about the configurations required in case you want to enable Data Redaction in OFSAA applications after upgrade to OFSAA 8.0.8.0.0 version from a previous version. Additionally, these configurations are required in case you did not enable TDE during OFS AAAI 8.0.8.0.0 installation and want to enable at a later point of time.

Perform the following steps:

1. Login as SYSDBA into the database.
2. Execute the file $FIC_HOME/utility/data_security/scripts/create_data_sec_roles.sql only once per database (PDB in case of 12c).
3. Execute the following sql statement to find out the list of atomic users from the table:
4. select v_schema_name from aai_db_detail where V_DB_NAME 'CONFIG' AND V_DB_TYPE = 'ORACLE'
5. Execute the file $FIC_HOME/utility/data_security/scripts/grant_data_sec_roles.sql for all atomic users found in the previous step.
6. From the Configuration window in the System Configuration module, select the Allow Data Redaction checkbox.
7. Run the Data Redaction utility. For more details on how to run the utility, see Data Redaction section under Data Security and Data Privacy chapter in OFS Analytical Applications Infrastructure Administration Guide 8.0.8.0.0.