How To Generate A New Master Encryption Key for the TDE
(Doc ID 445147.1)
Last updated on APRIL 09, 2018
Applies to:Advanced Networking Option - Version 220.127.116.11 to 18.104.22.168 [Release 11.2]
Advanced Networking Option - Version 10.2.0.3 to 22.214.171.124 [Release 10.2 to 11.2]
Information in this document applies to any platform.
Checked for relevance on 12-Jun-2013
In order to encrypt column data, Oracle uses a table encryption key which is unique for each table of the database. All the table encryption keys are encrypted using a master key and stored within the data dictionary. The master key is kept in a container outside of the database which can be either a file ( a PKCS#12 wallet ) or a Hardware Security Module (HSM) . To keep the system secure, one has to regenerate the master key periodically.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!