Frequently Asked Questions (2024)

What are the main components of Oracle Data Masking and Subsetting?

The main components are:

  • Application Data Modelingprovides automated procedures to discover sensitive columns and parent-child relationships. The discovery results are stored as an application data model, which is reusable across multiple databases.
  • Masking Format Library provides a comprehensive set of predefined masking formats to mask sensitive data such as credit card numbers, national identifiers, and phone It also allows creating new masking formats to meet domain-specific requirements.
  • Data Masking assists in mapping masking formats to discovered sensitive columns, creating reusable masking scripts. It also provides a workflow to mask data.
  • Data Subsetting helps create reusable goal/condition-based subsetting rules on a database. It also provides a workflow to generate subsets.

How does the product preserve the relational integrity of the data in an application?

Masking parent table that has child relationships also automatically masks the children to preserve referential integrity. For example - if there is a foreign key dependency, on a column that is being masked, we want to make sure that after masking, the foreign key constraint is not violated and appropriately mask the child table as necessary. Oracle Data Masking and Subsetting does the following to minimize the disruption of applications post-masking and subsetting:

  • The product uses automated discovery procedures to gather referential integrity or parent-child relationships between the columns before the masking and subsetting process.
  • During the masking and subsetting process, parent and child columns are processed consistently to preserve the integrity between these columns.
  • When masking a parent table that has child relationships, the tool automatically masks the child tables to preserve referential integrity. For example, if there is a foreign key dependency on a column that is being masked, the process ensures that after masking, the foreign key constraint is not violated by appropriately masking the child table as necessary.

Can masking support multi-byte or international characters?

Several masking options support multi-byte or international characters, such as UTF-8. The suitable masking formats include Array List, Shuffle, Substitute, Table Column, and User Defined Function.

Does the product include predefined masking formats?

Yes, Oracle Data Masking and Subsetting provides out-of-the-box masking formats covering a broad range of sensitive data, such as national identifiers of multiple countries, credit card numbers of various vendors, phone numbers, and more.

Which masking techniques are supported by the product?

Some options include generating fixed/random characters or numbers, replacing them with null values, substituting data from a random list or table column, and SQL or regular expression-based masking. You also have several advanced options to meet complex business requirements, such as:

  • Shuffle Masking randomly shuffles data within a table/ view. For example, columns containing salaries can be shuffled to break the employee-salary mapping.
  • Encryption encrypts sensitive data using a cryptographic key while preserving the data's format. It's a reversible masking option, and you can decrypt your data using the same key. This feature is useful when masked data sent to a third party has to be merged with further updates.
  • Conditional Masking masks column data using different masking formats based on user-defined conditions. For example, in a column, the US identifiers can be masked using the Social Security Number format and the UK identifiers using the National Insurance Number format.
  • Compound Masking masks related columns as a group, ensuring the masked data across the related columns retain the same For example, address fields such as city, state,
  • Deterministic Masking generates consistent masked output for a given input across application schemas and databases.
  • User-defined PL/SQL Masking enables you to define custom masking logic or migrate your existing masking scripts.

Oracle also offers a product called Data Redaction. Unlike data masking, Data Redaction does not alter the actual data. Instead, it modifies the output during display time, keeping the original data intact. This feature allows you to control who can see the original data and who sees the redacted or masked version.

What assurances does the product provide for the integrity of the masked and subsetted data?

Each masking format has built-in logic to validate the generated masked output. For example, all credit card number masking formats perform the Luhn check on the masked credit card numbers. Also, the product provides a preview option to validate the defined masking and subsetting criteria before running masking and subsetting scripts.

Can I migrate in-house masking scripts to Oracle Data Masking and Subsetting?

Yes, the product supports the migration of existing masking scripts for generating custom data types with user-defined PL/SQL masking functions.

Which subsetting techniques are supported by the product?

Oracle Data Masking and Subsetting simplifies the task of subsetting through its goal or condition-based subsetting techniques. A goal can be a relative table size, such as extracting a 1% subset of a table containing 10 billion rows. Condition-based subsetting is useful for creating a subset using the data itself. For example, you can use a time-based condition, such as discarding all user records created before a particular year. Another example is a region-based condition, where you might extract only Asia Pacific information to support new application development.

Does Oracle Data Masking and Subsetting work with packaged applications like Oracle E-Business Suite and Oracle Fusion Applications?

As Oracle Data Masking and Subsetting is a database-centric solution, it works for all supported databases regardless of the application. However, care is required when setting up data models and masking and subsetting definitions to avoid misconfigurations that could break complex applications. Oracle E-Business Suite and Oracle Fusion Applications provide prepackaged application data models and masking definitions for use with Oracle Data Masking and Subsetting.

Can I mask and subset databases running in Oracle Cloud?

Yes, you can mask and subset databases in the Oracle Cloud. Oracle Data Masking and Subsetting for cloud databases works much like on-premises databases. Oracle Data Safe, an OCI-native cloud service that supports sensitive data discovery and masking, is also available for Oracle Cloud users.

What all masking formats support deterministic masking?

Currently, Substitute and Encrypt masking formats provide deterministic masking transformation.

Encrypt Masking Format: This transformation encrypts and decrypts the original data using a secure key string. The input data format is preserved during encryption and decryption. This transformation uses powerful industry-standard 3DES algorithm. This transformation is helpful when businesses need to mask and send their data to a third-party for analysis, reporting, or any other business processing purpose. After the processed data is received from the third-party, the original data can be recovered using the same key string that was used to encrypt the data.

Substitute Masking Format: The Substitute format uses a table of values from which to substitute the original value with a mask value. As long as this table of values does not change, the mask is deterministic or consistent across the three databases.

How does reversibility work with encrypt masking format?

Reversibility can be performed using Encrypt Masking format which is Key Based Reversible Masking. It uses 3DES algorithm where a seed value is provided to encrypt and decrypt the data.

If a customer uses Oracle Data Masking and Subsetting on Enterprise Manager to generate the masking script, can thecustomer run these scripts directly on the DB Server for masking?

Yes, customer run these scripts directly on the DB Server for masking provided that everything is the same between the two environments and as long as the same seed is given.

If a customer masks data on one server (which is on-premises) and then the customer moves this data to another Oracle Database (e.g., on OCI cloud or any other third-party cloud), can Oracle Data Masking and Subsetting perform the decryption on this new server?

Yes, the customer can mask and subset databases in Oracle Database Cloud Service (DBCS). Oracle Data Masking and Subsetting for cloud databases works much like it does for on-premises databases. Oracle Data Masking and Subsetting license is included in DBCS High Performance, Extreme Performance, and Exadata Service.

Frequently Asked Questions (2024)
Top Articles
Search Results - Obituaries published on Winnipeg Free Press Passages
Mabel Hoggard: community interest materials (folder 1 of 3)
R/Honkaistarrail
Tiraj Rapid New York Midi
Cherry Downloadcenter
Tyson Employee Paperless
8Kun Hypnosis
Myvetstoreonline.pharmacy
NYC Drilled on Variant Response as Vaccine Limits Push State Appointments to Mid-April
80 For Brady Showtimes Near Brenden Theatres Kingman 4
Scoped Courses - Bruiser Industries
Who is Harriet Hageman, the Trump-backed candidate who beat Liz Cheney?
Busted Newspaper Randolph County
Lesson 10 Homework 5.3
Craigslist Albany Oregon Free Stuff
El Puerto Harrisonville Mo Menu
Apple Nails & Spa, 3429 Toringdon Way, Charlotte, Reviews and Appointments
Is Robert Manse Leaving Hsn
Megnutt Health Benefits
How 'The Jordan Rules' inspired template for Raiders' 'Mahomes Rules'
Eztv Ig
The Haunting Of A Dream House By Reeves Wiedeman
NFL Week 1 coverage map: Full TV schedule for CBS, Fox regional broadcasts | Sporting News
En souvenir de Monsieur Charles FELDEN
Is Slatt Offensive
Xxc Renegade 1000 Xxc Price In India Price
Poe Poison Srs
Duen Boobs
Shaws Star shines bright selling for 16,000gns at the Red Ladies and Weaned Calf sale.
Sold 4 U Hallie North
Wall Tapestry At Walmart
Used Drift Boats For Sale Craigslist
Build a Free Website | VistaPrint
Shaleback Hollow Location
Zuercher Portal Inmates Kershaw County
Ripoff Report | MZK Headhunters Inc. complaints, reviews, scams, lawsuits and frauds reported, 0 results
Indiana Immediate Care.webpay.md
Charlotte North Carolina Craigslist Pets
Shipstation Commercial Actress
Black Myth Wukong All Secrets in Chapter 6
Trizzle Aarp
Tamu Registration Worksheet
Sour Power OG (Karma Genetics) :: Cannabis Strain Info
Arcanis Secret Santa
Se compra un casoplón por un error de Crypto.com: le dieron 10 millones en vez de 100 dólares al pedir reembolso de criptomonedas
Alle Eurovision Song Contest Videos
Hkx File Compatibility Check Skyrim/Sse
Rainfall Map Oklahoma
Mcknet Workday
Walb Game Forecast
Cpc 1190 Pill
Lharkies
Latest Posts
Article information

Author: Carmelo Roob

Last Updated:

Views: 6151

Rating: 4.4 / 5 (45 voted)

Reviews: 92% of readers found this page helpful

Author information

Name: Carmelo Roob

Birthday: 1995-01-09

Address: Apt. 915 481 Sipes Cliff, New Gonzalobury, CO 80176

Phone: +6773780339780

Job: Sales Executive

Hobby: Gaming, Jogging, Rugby, Video gaming, Handball, Ice skating, Web surfing

Introduction: My name is Carmelo Roob, I am a modern, handsome, delightful, comfortable, attractive, vast, good person who loves writing and wants to share my knowledge and understanding with you.