7.23.2 Data Redaction

OFSAA is enhanced to enable masking of sensitive data and Personal Identification Information (PII) to adhere to Regulations and Privacy Policies. Oracle Data Redaction provides selective, on-the-fly redaction of sensitive data in database query results before display by applications so that unauthorized users cannot view the sensitive data. The stored data remains unaltered, while displayed data is transformed into a pattern that does not contain any identifiable information.

To enable Data Redaction, perform the following steps:

1. Log in as SYSDBA into the database.
2. Execute the $FIC_HOME/utility/data_security/scripts/create_data_sec_ roles.sql file only once per database (PDB in case of 18c/19c).
3. Execute the following SQL statement to find out the list of atomic users from the table:

   select v_schema_name from aai_db_detail where V_DB_NAME <> 'CONFIG' AND V_DB_ TYPE = 'ORACLE'

4. Execute the $FIC_HOME/utility/data_security/scripts/grant_data_sec_roles.sql file for all atomic users found in the previous step.
5. From the Configuration window in the System Configuration module, select the Allow Data Redaction checkbox.
6. Run the Data Redaction utility.

   For more details on enabling Data Redaction, see the Data Redaction section in the Data Security and Data Privacy topic in the OFS Analytical Applications Infrastructure Administration and Configuration Guide.