Re: Oracle Advanced Security and Redaction

From: Hans Forbrich <fuzzy.graybeard_at_gmail.com>
Date: Thu, 10 Mar 2016 07:57:19 -0700
Message-ID: <56E18B4F.3060501_at_gmail.com>

Yes, that is true. At this time, and clearly documented in the licensing manual you reference:

Run-time Redaction is part of ASO
Encryption for data at rest (TDE) is part of ASO
Encryption for data in motion is no longer part of ASO, but is freely available
Permanent redaction, known as Masking and required for test/dev, is part of Data Masking and Subsetting Pack of EM.
Row Level Security, Real Application Security, Enterprise User Security with PKI, and Transparent Sensitive Data Protection are included with Enterprise Edition according to the Features chapter.

In my opinion (stated in many, many classes I've taught), every DBA should allocate 1/2 each month to review the License documents - both the Database and the Enterprise Manager ones. Being aware of the contents could save grief. Finding them is not difficult: start at http://docs.oracle.com

/Hans

On 10/03/2016 6:51 AM, rob_at_oraclewizard.com wrote:
> And from my Reading, it appears you need OAS to use redaction. -Rob
>
>
> Oracle Advanced Security
>
> Oracle Advanced Security helps you protect sensitive information and
> comply with various privacy and compliance regulations including
> breach notification laws and the Payment Card Industry Data Security
> Standard (PCI-DSS) by enabling encryption inside the database that is
> transparent to applications and enabling redaction of sensitive data
> before it leaves the database.
>
> Oracle Advanced Security provides two primary security features:
> Transparent Data Encryption and Data Redaction.Data Redaction is new
> in Oracle Advanced Security with the release of Oracle Database 12c
> and provides the ability to redact sensitive information such as
> credit card data and social security numbers before the information
> leaves the database and is displayed by applications. Transparent Data
> Encryption provides encryption of data stored in the database,
> exported from the database using DataPump, or disk-based backups using
> Oracle RMAN.
>
>
> ===================================
>
> Robert P. Lockard Oracle ACE
>
> Winner of the 2015 Oracle Developers Choice Award for Database Design
>
> President Oraclewizard.com, Inc.
> "When given the choice between two evils, I always take the one I have
> not tried." Mae West
> (cell) 571.276.4790
> (office) 410.766.6960
> (fax) 410.766.0332
> twitter _at_navonpilot
> youtube https://www.youtube.com/user/n4281k
> blog: http://www.oraclewizard.com
>
> -----Original Message-----
> *From:* Hans Forbrich [mailto:fuzzy.graybeard_at_gmail.com]
> *Sent:* Thursday, March 10, 2016 08:41 AM
> *To:* oracle-l_at_freelists.org
> *Subject:* Re: The issue about using wireshark to dissect Oracle
> TNS protocol packet
>
> Side note: do you know that Encrypted SQL*Net does not require an
> extra license?
>
> From
> http://docs.oracle.com/database/121/DBLIC/options.htm#DBLIC143 we
> read "Network encryption (native network encryption and SSL/TLS)
> and strong authentication services (Kerberos, PKI, and RADIUS) are
> no longer part of Oracle Advanced Security and are available in
> all licensed editions of all supported releases of the Oracle
> database."
>
> A discuiion on how to accomlish this is at
> https://docs.oracle.com/cd/B28359_01/server.111/b28337/tdpsg_network_secure.htm#CHDHFHIE
>
>
> /Hans
>

--
http://www.freelists.org/webpage/oracle-l

Received on Thu Mar 10 2016 - 15:57:19 CET

This message: [ Message body ]
Next message: Sandra Becker: "Re: Need two databases same name, same cluster, different versions"
Previous message: rob_at_oraclewizard.com: "Re: Oracle Advanced Security and Redaction"
In reply to: rob_at_oraclewizard.com: "Oracle Advanced Security and Redaction"
Next in thread: Hans Forbrich: "Re: Oracle Advanced Security and Redaction"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message