DB Sessions Other than GEN0 making frequent calls to HSM Even Though Tablespace Encryption Keys were Cached.
(Doc ID 2121814.1)
Last updated on FEBRUARY 04, 2020
Applies to:Advanced Networking Option - Version 184.108.40.206 and later
Information in this document applies to any platform.
Tablespace level TDE implemented with master encryption key stored in HSM wallet.
The master encryption key never leave the HSM device. As the tablespace encryption keys were encrypted using the master encryption key, the Tablespace encryption keys were sent to HSM to get back the decrypted version of tablespace key.
Then the decrypted version of all tablespace encryption keys were cached in SGA when the data in tablespace was accessed first. They were cached until instance is shutdown.
Why HSM wallet is accessed by DB sessions frequently, other than GEN0 process?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document