My Oracle Support Banner

How To Generate A New Master Encryption Key for the TDE (Doc ID 445147.1)

Last updated on APRIL 09, 2018

Applies to:

Advanced Networking Option - Version 11.2.0.4 to 11.2.0.4 [Release 11.2]
Advanced Networking Option - Version 10.2.0.3 to 11.2.0.2 [Release 10.2 to 11.2]
Information in this document applies to any platform.
Checked for relevance on 12-Jun-2013



Goal

In order to encrypt column data, Oracle uses a table encryption key which is unique for each table of the database. All the table encryption keys are encrypted using a master key and stored within the data dictionary. The master key is kept in a container outside of the database which can be either a file ( a PKCS#12 wallet ) or a Hardware Security Module (HSM) . To keep the system secure, one has to regenerate the master key periodically.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.