Oracle data redaction is a simple but clever and innovative idea from Oracle. However, at present, there are weaknesses that undermine its effectiveness as a good security mechanism. These weaknesses can be exploited via web based SQL injection attacks and this paper details those weaknesses and provides suggestions on how it can be improved and made more secure.
You can download it from the following link: https://packetstormsecurity.com/files/download/127504/Oracle_Data_Redaction_is_Broken.pdf
Source: https://packetstormsecurity.com/files/127504/Oracle-Data-Redaction-Is-Broken.html