Re: cryptoperiod for TDE?
Date: Thu, 11 Mar 2021 08:25:53 -0800
Message-ID: <CAORjz=P3h7RoBjfF7q_0jLYEzqDTh+nRmzvj0OTJuH3ACAAxZw_at_mail.gmail.com>
Does anyone know of a study detailing the likelihood of a security event due to not rotating keys?
One with examples of it actually happening would make it more interesting.
On Fri, Mar 5, 2021 at 11:07 mcpeakm_at_tempus-consulting-group.com < mcpeakm_at_tempus-consulting-group.com> wrote:
> I think this is something you need to do manually, according to the
> security policies of your organization.
>
> Chapter 4 of the Oracle Database Advanced Security Guide has a section on
> "Rotating the TDE Master Encryption Key" via the ADMINISTER KEY
> MANAGEMENT SET KEY statement.
>
>
> On Friday, March 5, 2021, 01:56:38 PM EST, Jay.Miller <
> dmarc-noreply_at_freelists.org> wrote:
>
>
> As part of a security review I’ve been asked the cryptoperiod of our
> Oracle encryption.
>
>
>
> After some research to figure out what they were talking about it seems to
> be when a key expires and is replaced. I could not find any google or
> metalink hits in relation to transparent data encryption. Does anyone know
> if Is this something which is implemented automatically when the TDE wallet
> is created or, as I suspect, is it not part of the TDE implementation at
> all?
>
>
>
> TIA,
>
> Jay Miller
>
-- Jared Still Certifiable Oracle DBA and Part Time Perl Evangelist Principal Consultant at Pythian Oracle ACE Alumni Pythian Blog http://www.pythian.com/blog/author/still/ Github: https://github.com/jkstill -- http://www.freelists.org/webpage/oracle-lReceived on Thu Mar 11 2021 - 17:25:53 CET