

4 Security : 4.4 Data Redaction

Data redaction is a technique that limits sensitive data exposure by dynamically changing data as it is displayed for certain users.
For example, a social security number (SSN) is stored as 021-23-9567. Privileged users can see the full SSN, while other users see only the last four digits, displayed as xxx-xx-9567.
For a salary field, a redaction function would always return $0.00 regardless of the input salary value.
These functions are then incorporated into a redaction policy by using the CREATE REDACTION POLICY command. This command specifies the table on which the policy applies, the table columns to be affected by the specified redaction functions, expressions to determine which session users are to be affected, and other options.
The edb_data_redaction parameter in the postgresql.conf file then determines whether or not data redaction is to be applied.
If the parameter is disabled by having it set to FALSE during the session, then the following occurs:
A redaction policy can be changed by using the ALTER REDACTION POLICY command, or it can be eliminated using the DROP REDACTION POLICY command.
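The SSN and salary cases described above, written out as an added example (not taken from the original page). The `employees` table, the `hr` role, the sample row, and the function and policy names are assumptions chosen for illustration.

```sql
-- Constructed sample table and row (assumed names, not from the page).
CREATE TABLE employees (
    id      integer PRIMARY KEY,
    name    varchar(40),
    ssn     varchar(11),
    salary  money
);
INSERT INTO employees VALUES (1, 'Sample Person', '021-23-9567', '5000.00');

-- Redaction function for the SSN: overwrite the first six characters,
-- so '021-23-9567' is displayed as 'xxx-xx-9567'.
CREATE OR REPLACE FUNCTION redact_ssn(ssn varchar(11)) RETURNS varchar(11)
LANGUAGE sql IMMUTABLE AS $$
    SELECT overlay(ssn PLACING 'xxx-xx' FROM 1)::varchar(11);
$$;

-- Redaction function for the salary: always return $0.00,
-- regardless of the stored value.
CREATE OR REPLACE FUNCTION redact_salary(salary money) RETURNS money
LANGUAGE sql IMMUTABLE AS $$
    SELECT 0::money;
$$;

-- The policy names the table, the columns to redact with their functions,
-- and the expression that decides which session users are affected.
-- Here every session user other than the assumed 'hr' role sees redacted data.
CREATE REDACTION POLICY redact_policy_personal_info ON employees
    FOR (session_user != 'hr')
    ADD COLUMN ssn USING redact_ssn(ssn),
    ADD COLUMN salary USING redact_salary(salary);

-- Check the parameter that controls whether redaction is applied,
-- then query the table as an affected user to confirm the masked output.
SHOW edb_data_redaction;
SELECT id, name, ssn, salary FROM employees;
```

When reviewing a policy like this, test the `FOR` expression with both an affected and an unaffected session user, since a mistake in that expression exposes the unredacted columns without any error.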
