I think this is something you need to do manually, according to the security
policies of your organization.
Chapter 4 of the Oracle Database Advanced Security Guide has a section on
"Rotating the TDE Master Encryption Key" via the ADMINISTER KEY MANAGEMENT SET
KEY statement.
On Friday, March 5, 2021, 01:56:38 PM EST, Jay.Miller
<dmarc-noreply@xxxxxxxxxxxxx> wrote:
As part of a security review I’ve been asked the cryptoperiod of our Oracle
encryption.
After some research to figure out what they were talking about it seems to be
when a key expires and is replaced. I could not find any google or metalink
hits in relation to transparent data encryption. Does anyone know if Is this
something which is implemented automatically when the TDE wallet is created or,
as I suspect, is it not part of the TDE implementation at all?
TIA,
Jay Miller
