DB Sessions Other than GEN0 making frequent calls to HSM Even Though Tablespace Encryption Keys were Cached.
Last updated on APRIL 01, 2016
Applies to:Advanced Networking Option - Version 184.108.40.206 and later
Information in this document applies to any platform.
Tablespace level TDE implemented with master encryption key stored in HSM wallet.
The master encryption key never leave the HSM device. As the tablespace encryption keys were encrypted using the master encryption key, the Tablespace encryption keys were sent to HSM to get back the decrypted version of tablespace key.
Then the decrypted version of all tablespace encryption keys were cached in SGA when the data in tablespace was accessed first. They were cached until instance is shutdown.
Why HSM wallet is accessed by DB sessions frequently, other than GEN0 process?
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms