Understand the following concepts and terminology to help you get started with Oracle Data Safe.
Oracle Cloud Infrastructure
Oracle Cloud Infrastructure is a set of complementary cloud services that enables you to build and run a wide range of applications and services in a highly available hosted environment. Oracle Cloud Infrastructure offers high-performance compute capabilities (as physical hardware instances) and storage capacity in a flexible overlay virtual network that is securely accessible from your on-premises network. Oracle Data Safe is integrated as a service into Oracle Cloud Infrastructure.
Oracle Cloud Infrastructure Console
The Oracle Cloud Infrastructure Console is a simple and intuitive web-based user interface that you can use to access and manage Oracle Cloud Infrastructure. You also access the Oracle Data Safe Console through the Oracle Cloud Infrastructure Console.
A tenancy is a secure and isolated partition within Oracle Cloud Infrastructure where you can create, organize, and administer your cloud resources. When you subscribe to Oracle Data Safe, Oracle automatically creates a tenancy for you in Oracle Cloud Infrastructure, if necessary.
Regions and Availability Domains
Oracle Cloud Infrastructure is physically hosted in regions and availability domains. A region is a localized geographic area, and an availability domain is one or more data centers located within a region. A region is composed of one or more availability domains. Oracle Cloud Infrastructure resources are either region-specific, such as a virtual cloud network, or availability domain-specific, such as a compute instance.
Oracle Data Safe
Oracle Data Safe is a fully-integrated Cloud service focused on the security of your data. It provides a complete and integrated set of features for protecting sensitive and regulated data in Oracle Cloud databases.
Oracle Data Safe consists of a web application and an Oracle pluggable database (PDB) and resides in Oracle Cloud Infrastructure. The web application is the main user interface for Oracle Data Safe and is referred to as the Oracle Data Safe Console. The PDB is the repository for Oracle Data Safe and contains audit data and collected sensitive data for target databases. You can enable Oracle Data Safe in each region of your tenancy in Oracle Cloud Infrastructure.
Oracle Cloud Infrastructure Identity and Access Management (IAM)
The IAM service is the default, fully integrated, identity management service for Oracle Cloud Infrastructure. It lets you control who has access to your cloud resources, what type of access user groups have, and to which specific resources user groups have access.
Oracle Data Safe uses all the shared services in Oracle Cloud Infrastructure, including IAM. You can use the IAM service to set up user access to Oracle Data Safe.
In IAM, compartments allow you to organize and control access to your cloud resources. A compartment is a collection of related resources, such as database instances, virtual cloud networks, and block volumes. A compartment should be thought of as a logical group and not a physical container. When you begin working with resources in the Oracle Cloud Infrastructure Console, the compartment acts as a filter for what you are viewing. A group requires permission by an administrator to access a compartment.
IAM User Groups
A user group in IAM is a collection of users who all need the same type of access to a particular set of resources or compartment. Tenancy administrators can create users and groups in the root compartment of a tenancy with the IAM service in Oracle Cloud Infrastructure. Oracle Data Safe retrieves user groups from IAM, but not individual users.
Oracle automatically creates a tenancy administrator for you and adds it to the tenancy's
Administrators group. This group has all permissions on all resources in the tenancy, and is responsible for creating the users, groups, and compartments for the tenancy.
An IAM policy is a document that specifies who can access which resources in Oracle Cloud Infrastructure, and how. Access is granted at the group and compartment level, which means you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy itself. If you give a group access to your tenancy, the group automatically gets the same type of access to all the compartments inside your tenancy. Only tenancy administrators can create policies.
Oracle Data Safe Console
The Oracle Data Safe Console is the main user interface for Oracle Data Safe. Upon opening Oracle Data Safe, you are presented with a dashboard that lets you monitor system activity. The side tabs provide access to the main features. The top tabs provide access to registered target databases, the Library, reports, alerts, and jobs. In the upper right corner, you can access links to user security and data retention settings.
A target database is an Oracle Database on which Oracle Data Safe can perform user and security assessment, data discovery, data masking, and auditing.
A resource group is a logical structure in Oracle Data Safe that you can create to organize and control access to one or more Oracle Data Safe resources. For example, you can add multiple target databases to a resource group and then grant a user group access to the resource group, rather than to each target database. A resource group can contain target databases, sensitive data models, sensitive types, masking formats, masking policies, audit policies, audit trails, and reports. The Default Resource Group is available to all user groups for convenience.
Authorization Policies in Oracle Data Safe
Oracle Data Safe uses authorization policies to control user group access to resource groups and features. For each resource group, an Oracle Data Safe Administrator (or delegated administrator) can grant a user group
manage, or no privileges for Oracle Data Safe features. Features are grouped as follows: Assessment (User Assessment and Security Assessment), Discovery and Masking, and Activity Auditing. The
view privilege grants read-only access to a feature's resources. The
manage privilege enables a user group to create, read, update, delete, and delegate feature-related resources. Administrators cannot create more privileges.
A sensitive type is a classification of sensitive data and defines the kind of sensitive columns to search for. For example, the US Social Security Number (SSN) sensitive type helps you discover columns containing Social Security numbers. Data Discovery searches for sensitive data in your cloud databases based on the sensitive types that you choose. You can choose from a wide variety of predefined sensitive types and can also create your own sensitive types.
Sensitive types are divided into categories. The top-level categories are Personal Identification Information (PII), Personal Biographic Information, Personal IT Information, Personal Financial Information, Personal Healthcare Information, Personal Employment Information, and Personal Academic Information. You can choose individual sensitive types or sensitive categories to search sensitive data.
Sensitive Data Models
A sensitive data model is a collection of sensitive columns and referential relationships. Data Discovery identifies sensitive columns and referential relationships and creates a sensitive data model. Data Discovery automatically searches the Oracle data dictionary to find relationships between primary key columns and foreign key columns and flags them as sensitive. It can also discover non-dictionary referential relationships, which are relationships defined in applications and not in the Oracle data dictionary.
A masking format defines the logic to mask sensitive data in a database column. For example, the Shuffle masking format randomly shuffles values in a column. The Email Address masking format replaces values in a column with random email addresses. Oracle Data Safe provides many predefined masking formats. If needed, you can create your own.
A masking policy maps sensitive columns to masking formats that should be used to mask the data. You can use a masking policy to perform data masking on a target database. You can create a masking policy using a sensitive data model. You can also use a previously created masking policy from the Library. You can download a masking policy as XML, modify it, and upload it to the same or a different Oracle Data Safe service.
An audit trail is a table in a database that stores audit data. A widely used audit trail is the
AUDSYS.UNIFIED_AUDIT_TRAIL data dictionary view. You can configure audit trails in Oracle Data Safe. Usually, you configure only one audit trail per database.
When audit data collection is enabled, Oracle Data Safe copies the audit data from the database's audit trail into the Oracle Data Safe audit table. You can start and stop audit collection as needed. In Oracle Data Safe, you can manage the size of a target database's audit trail by using the auto purge feature. You can manage the size of the Oracle Data Safe audit table by configuring a data retention period.
The Library in Oracle Data Safe is a repository that stores resources used for Data Discovery and Data Masking. Resources include sensitive types, sensitive data models, masking formats, and masking policies. When you create these resources, they are automatically saved to the Library.
An audit policy defines specific events to track in a target database. In Oracle Data Safe, you can provision basic audit policies, administrator and user activity audit policies, the Center for Internet Security (CIS) Recommendations policy, custom audit policies, and Oracle pre-seeded audit policies. After an audit policy is provisioned, the target database can begin to generate audit data.
An alert is a message that notifies you when a particular audit event happens on a target database. Alerts are displayed in table format on the Alerts page in the Oracle Data Safe Console. You can view total alert counts for target databases, alert severity levels, and alert statuses. You can also filter alerts on the page, create and delete custom alert reports, open and close alerts, and download an alerts report in PDF format.
An alert policy defines an event in a database to monitor. Alert policies are rule-based and independent of audit policies. If an alert’s rule definition is matched (for example, an administrator fails to log in to a target database), then Oracle Data Safe raises an alert and displays it on the Alerts page.
Activity Auditing provides predefined alert policies that you can activate within the Activity Auditing wizard. There is a policy for database parameters changes, failed logins by admin users, audit policy changes, user creation or deletion, and user entitlement changes.