What is difference between Oracle Data Encryption, Oracle Data Redaction and Oracle Data Masking?

These terms are often used interchangeably, and many vendors add their own, such as dynamic and static data masking (what they call dynamic masking corresponds to Oracle Data Redaction, static masking to Oracle Data Masking). Here is what each one means in Oracle parlance.

Data Encryption covers data in motion and data at rest. Data flowing over the wire in cleartext can be read with a packet sniffer and is open to man-in-the-middle attacks, in which an attacker modifies the traffic and injects a different command or SQL statement; integrity checksums on the connection defeat the second, encryption the first.

Second, if database files are lost, whoever holds them can use forensic tools or simply the strings utility to read the binary data and reach sensitive tables and columns: personal information, credit card numbers and so on. The same applies to lost backup tapes, so the risk is disclosure of the data, not just its loss.

Oracle Advanced Security (ASO) addresses both: native network encryption (or TLS) for data in motion, and Transparent Data Encryption (TDE) for data at rest, which encrypts columns or whole tablespaces in the datafiles and therefore in RMAN backups of them.

Remember that encryption only protects against loss of the files and the media; it is transparent to the database itself. Any user who is authorised to SELECT from a table sees cleartext, because the database decrypts on their behalf with the keys it holds. Hiding or altering what authorised users see is the job of the Redaction feature of ASO.
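As an added example (not from the original post), this is what the at-rest half looks like in SQL: a software keystore and TDE master key, an encrypted tablespace, one encrypted column, and the views used to verify each. The syntax is 12c (ADMINISTER KEY MANAGEMENT; 11g used ALTER SYSTEM SET ENCRYPTION KEY), and the keystore path, password, tablespace and table names are placeholders. The in-motion half is not SQL but server-side sqlnet.ora: SQLNET.ENCRYPTION_SERVER = REQUIRED and SQLNET.CRYPTO_CHECKSUM_SERVER = REQUIRED, with SQLNET.ENCRYPTION_TYPES_SERVER and SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER restricting the algorithms; the last query below shows what a session actually negotiated.

```sql
-- Added example, not Oracle's or the post author's code. Run as SYSDBA / SYSKM on 12c.
-- '/etc/oracle/wallet', the password and all object names are placeholders.

-- 1. Software keystore holding the TDE master key. The path must match
--    ENCRYPTION_WALLET_LOCATION in sqlnet.ora. WITH BACKUP copies the keystore before
--    the key is set: lose the keystore and every encrypted tablespace is unreadable,
--    so back it up separately from (and never alongside) the database backups.
ADMINISTER KEY MANAGEMENT CREATE KEYSTORE '/etc/oracle/wallet' IDENTIFIED BY "k3yst0re_pw";
ADMINISTER KEY MANAGEMENT SET KEYSTORE OPEN IDENTIFIED BY "k3yst0re_pw";
ADMINISTER KEY MANAGEMENT SET KEY IDENTIFIED BY "k3yst0re_pw" WITH BACKUP;

-- 2. Tablespace encryption: every segment stored here is AES-256 encrypted on disk,
--    and RMAN backups of the datafile stay encrypted.
CREATE TABLESPACE billing_enc
  DATAFILE '/u01/oradata/ORCL/billing_enc01.dbf' SIZE 200M
  ENCRYPTION USING 'AES256'
  DEFAULT STORAGE (ENCRYPT);

-- 3. Alternatively, column encryption for a single sensitive column. Leave the default
--    SALT on unless the column must be indexed (indexes require NO SALT).
CREATE TABLE billing.customers (
  cust_id  NUMBER PRIMARY KEY,
  card_no  VARCHAR2(19) ENCRYPT USING 'AES256'
) TABLESPACE users;

-- 4. Checks: keystore open, tablespace flagged encrypted, column algorithm recorded.
SELECT wrl_type, status, wallet_type FROM v$encryption_wallet;
SELECT tablespace_name, encrypted FROM dba_tablespaces WHERE tablespace_name = 'BILLING_ENC';
SELECT owner, table_name, column_name, encryption_alg, salt FROM dba_encrypted_columns;

-- 5. Data in motion: the banner names the encryption and checksum algorithms negotiated
--    for this session (empty rows for them mean the connection is cleartext).
SELECT network_service_banner
  FROM v$session_connect_info
 WHERE sid = SYS_CONTEXT('USERENV', 'SID');
```

Note what these queries do and do not prove: an open keystore and an ENCRYPTED tablespace protect the files; they say nothing about who can SELECT from the table, which is exactly the gap the next section fills.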

Introduced as part of ASO, Data Redaction is available from Oracle Database 11.2.0.4 onwards (it was introduced in 12c Release 1 and back-ported to 11g Release 2 for the benefit of 11gR2 users).

Unlike encryption, Data Redaction changes what a query returns depending on who is asking. Each policy carries a SQL expression, typically built on SYS_CONTEXT, that is evaluated at run time to decide whether a session sees the column as stored or redacted. A legitimate user or a batch report may still receive the full data, while an operational or call-centre user gets the column redacted fully or partially, e.g. a credit card number displayed as XXXX-XXXX-XXXX-1342; the same applies to date of birth, address and so on. Two caveats: redaction is applied to query results, not to WHERE clauses, so Oracle does not position it as a defence against users who can run ad hoc SQL and infer values by filtering on them; and SYS, along with any user granted EXEMPT REDACTION POLICY, bypasses every policy.
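An added example (not from the original post) of the credit-card case above, done with DBMS_REDACT: a partial-redaction policy that keeps the last four digits, the same policy extended to a date-of-birth column, and the views and queries a practitioner uses to confirm the policy and to see its two limits. Table, policy and user names (BILLING_BATCH, CALLCENTER) are placeholders.

```sql
-- Added example, not Oracle's or the post author's code. Needs 11.2.0.4 / 12c with
-- Advanced Security and EXECUTE on DBMS_REDACT. All names below are placeholders.
CREATE TABLE billing.cards (
  cust_id  NUMBER PRIMARY KEY,
  card_no  VARCHAR2(19),
  dob      DATE
);
INSERT INTO billing.cards VALUES (1, '4111-1111-1111-1342', DATE '1980-05-17');
COMMIT;

-- Partial redaction of the card number: the first 12 of the 16 digits become 'X'.
-- Input format: V = a character that may be redacted, F = a formatting character
-- copied through unchanged; then the output format, mask character, start and end.
BEGIN
  DBMS_REDACT.ADD_POLICY(
    object_schema       => 'BILLING',
    object_name         => 'CARDS',
    column_name         => 'CARD_NO',
    policy_name         => 'redact_cards',
    function_type       => DBMS_REDACT.PARTIAL,
    function_parameters => 'VVVVFVVVVFVVVVFVVVV,VVVV-VVVV-VVVV-VVVV,X,1,12',
    -- Evaluated on every query: redact for everyone except the batch account.
    expression          => 'SYS_CONTEXT(''USERENV'',''SESSION_USER'') != ''BILLING_BATCH''');
END;
/

-- Same policy, second column. DATE format: a lower-case letter redacts that part to
-- the value that follows it, an upper-case letter keeps it. Here month and day
-- become 01, the year (and time) are kept.
BEGIN
  DBMS_REDACT.ALTER_POLICY(
    object_schema       => 'BILLING',
    object_name         => 'CARDS',
    policy_name         => 'redact_cards',
    action              => DBMS_REDACT.ADD_COLUMN,
    column_name         => 'DOB',
    function_type       => DBMS_REDACT.PARTIAL,
    function_parameters => 'm1d1YHMS');
END;
/

-- What is in force, and for which columns.
SELECT object_name, policy_name, expression, enable FROM redaction_policies;
SELECT object_name, column_name, function_type, function_parameters FROM redaction_columns;

-- Limit 1: redaction rewrites the SELECT list, not the WHERE clause. This predicate is
-- still evaluated against the stored value, so a user who only ever sees
-- XXXX-XXXX-XXXX-1342 can nevertheless probe digits by filtering.
SELECT COUNT(*) FROM billing.cards WHERE card_no LIKE '4111-1111%';

-- Limit 2: SYS and every grantee of EXEMPT REDACTION POLICY see cleartext. Audit the grant.
SELECT grantee FROM dba_sys_privs WHERE privilege = 'EXEMPT REDACTION POLICY';
```

Connected as CALLCENTER, SELECT card_no, dob FROM billing.cards returns the card as XXXX-XXXX-XXXX-1342 and the date of birth as 1 January 1980; connected as BILLING_BATCH it returns the stored values. The LIKE query is why redaction suits applications with fixed queries and not users with a SQL prompt.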

Finally, we may have secured and protected production, but if the same data sits unprotected in test and development environments, nobody needs to attack production: it is far easier to read the data in a non-production copy. That leaves it exposed to vendors, contractors and unauthorised users who would never be granted production access.

To address this Oracle offers Data Masking (the Data Masking and Subsetting Pack in Enterprise Manager), which replaces production data with realistic but fictitious values before it is released for testing. Because the stored data itself is changed, there is no key to recover and no policy to bypass. Masking formats include Substring, Encrypt, Shuffle, Array List, Table Column, Random Number and Random String, singly or in combination, and out-of-the-box templates cover credit card numbers, SSNs and similar fields. Masking can be applied on the target (cloned) database, or at source, where the data is masked as it is written to the Data Pump export dump files so that cleartext never leaves production. Either way the masking definition must keep formats and referential integrity intact, otherwise the test environment stops behaving like production.
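The Data Masking Pack is driven from Enterprise Manager rather than SQL, so as an added example (not the page's or Oracle's own templates) here is the Data Pump mechanism that masking at source rests on: a packaged PL/SQL function that rewrites a card number into a fictitious one of the same shape, plus the expdp REMAP_DATA parameter that applies it to a column as the dump file is written. Schema, table, column and directory names are placeholders.

```sql
-- Added example, not Oracle's or the post author's code. BILLING, CUSTOMERS, CARD_NO
-- and DP_DIR are placeholders.
CREATE OR REPLACE PACKAGE billing.mask_pkg AS
  -- Data Pump REMAP_DATA requires a *packaged* function whose parameter and return
  -- types match the remapped column (VARCHAR2 here). It is called once per value.
  FUNCTION mask_cc (p_card IN VARCHAR2) RETURN VARCHAR2;
END mask_pkg;
/

CREATE OR REPLACE PACKAGE BODY billing.mask_pkg AS
  FUNCTION mask_cc (p_card IN VARCHAR2) RETURN VARCHAR2 IS
    l_out          VARCHAR2(4000);
    l_ch           VARCHAR2(1 CHAR);
    l_total_digits PLS_INTEGER;
    l_seen_digits  PLS_INTEGER := 0;
  BEGIN
    IF p_card IS NULL THEN
      RETURN NULL;                                -- NULL stays NULL, as in production
    END IF;
    -- Count digits only, so separators of any style are preserved positionally.
    l_total_digits := NVL(LENGTH(REGEXP_REPLACE(p_card, '[^0-9]', '')), 0);
    FOR i IN 1 .. LENGTH(p_card) LOOP
      l_ch := SUBSTR(p_card, i, 1);
      IF l_ch BETWEEN '0' AND '9' THEN
        l_seen_digits := l_seen_digits + 1;
        IF l_seen_digits > l_total_digits - 4 THEN
          l_out := l_out || l_ch;                 -- keep the last four digits
        ELSE
          -- Replace every other digit with a random one. The original cannot be
          -- recovered from the output, which is the property masking needs.
          l_out := l_out || TO_CHAR(TRUNC(DBMS_RANDOM.VALUE(0, 10)));
        END IF;
      ELSE
        l_out := l_out || l_ch;                   -- copy separators through
      END IF;
    END LOOP;
    RETURN l_out;
  END mask_cc;
END mask_pkg;
/

-- Sanity check before pointing an export at it: same length, same separators,
-- same last four digits, everything else fictitious.
SELECT billing.mask_pkg.mask_cc('4111-1111-1111-1342') AS masked FROM dual;

-- Apply it at source. The function runs inside the production database while the
-- dump is written, so the dump file never contains the real card numbers
-- (run from the OS shell; the password is prompted for):
--   expdp system@prod DIRECTORY=DP_DIR DUMPFILE=billing_masked.dmp SCHEMAS=BILLING \
--         REMAP_DATA=BILLING.CUSTOMERS.CARD_NO:BILLING.MASK_PKG.MASK_CC
```

Two design points. Random per-value replacement is fine for a column nothing joins on; if CARD_NO is also a key in another table, both must be masked with the same deterministic mapping, which is what the Pack's masking definitions (for example the Table Column and Shuffle formats) arrange and a one-off function like this does not. And if the application under test validates the card check digit, the function must also generate a valid one.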

For more details visit

http://www.oracle.com/technetwork/database/security/index.html?ssSourceSiteId=opn

The views expressed on this blog are my own and do not necessarily reflect the views of Oracle.
