Which has the higher priority in your organization: Deploying a new database or securing the ones you already have?
Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx.
Purpose
Provides an interface to configure transparent sensitive data protection (TSDP) policies in conjunction with the DBMS_TSDP_MANAGE package.
AUTHID
CURRENT_USER
Constants
Name
Data Type
Value
DATATYPE
INTEGER
1
LENGTH
INTEGER
2
SCHEMA_NAME
INTEGER
3
TABLE_NAME
INTEGER
4
TSDP_PARAM_MAX
INTEGER
4000
REDACT
INTEGER
1
UNIFIED_AUDIT
INTEGER
2
VPD
INTEGER
3
COLUMN_ENCRYPTION
INTEGER
4
FGA
INTEGER
5
tsdp$default_condition
POLICY_CONDITIONS
POLICY_CONDITIONS()
Dependencies
DBA_TSDP_IMPORT_ERRORS
DBMS_TSDP_LIB
TSDP$FEATURE_VALUE
DBA_TSDP_POLICY_CONDITION
DBMS_TSDP_PROTECT_INT
TSDP_FEATURE_POLICY$
DBA_TSDP_POLICY_FEATURE
PLITBLM
TSDP_POLICY$
DBA_TSDP_POLICY_PARAMETER
TSDP$CONDITION_PROP
TSDP_PROTECTION$
DBA_TSDP_POLICY_PROTECTION
TSDP$CONDITION_VALUE
TSDP_SUBPOL$
DBA_TSDP_POLICY_PARAMETER
TSDP$DATAPUMP
TSDP_SENSITIVE_DATA$
DBA_TSDP_POLICY_PROTECTION
TSDP$FEATURE_PARAM
TSDP_SUBPOL$
DBA_TSDP_POLICY_TYPE
TSDP$FEATURE_VALUE
TSDP_SENSITIVE_DATA$
Data Types
TYPE feature_options IS TABLE OF VARCHAR2(4000)
INDEX BY VARCHAR2(30);
TYPE policy_conditions IS TABLE OF VARCHAR2(4000)
INDEX BY PLS_INTEGER;
Documented
Yes
Exceptions
Error Code
Reason
ORA-45614
invalid Transparent Sensitive Data Protection (TSDP) policy <policy_name>
dbms_tsdp_protect.add_policy(
policy_name IN VARCHAR2,
security_feature IN PLS_INTEGER,
policy_enable_options IN FEATURE_OPTIONS,
policy_apply_condition IN POLICY_CONDITIONS DEFAULT tsdp$default_condition);
INSERT INTO uwclass.employees VALUES (1, 'Ellison', '111-11-1234');
INSERT INTO uwclass.employees VALUES (2, 'Catz', '111-22-1234');
INSERT INTO uwclass.employees VALUES (3, 'Hurd', '111-33-1234');
INSERT INTO uwclass.employees VALUES (4, 'Kurian', '111-44-1234');
INSERT INTO uwclass.employees VALUES (5, 'Reese', '111-55-1234');
COMMIT;
SELECT *
FROM uwclass.employees;
col column_name format a12
col policy_name format a15
col parameter format a20
col schema_name format a12
col security_feature_policy format a24
col sensitive_type format a15
col table_name format a12
col tsdp_policy format a13
dbms_tsdp_protect.alter_policy(
policy_name IN VARCHAR2,
policy_enable_options IN FEATURE_OPTIONS,
policy_apply_condition IN POLICY_CONDITIONS DEFAULT tsdp$default_condition);