Re: cryptoperiod for TDE?
Date: Fri, 5 Mar 2021 19:06:41 +0000 (UTC)
Message-ID: <989377876.695398.1614971201350_at_mail.yahoo.com>
I think this is something you need to do manually, according to the security policies of your organization.
Chapter 4 of the Oracle Database Advanced Security Guide has a section on "Rotating the TDE Master Encryption Key" via the ADMINISTER KEY MANAGEMENT SET KEY statement.
On Friday, March 5, 2021, 01:56:38 PM EST, Jay.Miller <dmarc-noreply_at_freelists.org> wrote:
As part of a security review I’ve been asked the cryptoperiod of our Oracle encryption.
After some research to figure out what they were talking about it seems to be when a key expires and is replaced. I could not find any google or metalink hits in relation to transparent data encryption. Does anyone know if Is this something which is implemented automatically when the TDE wallet is created or, as I suspect, is it not part of the TDE implementation at all?
TIA,
Jay Miller
--
http://www.freelists.org/webpage/oracle-l
Received on Fri Mar 05 2021 - 20:06:41 CET