Data Encryption Using Transparent Data Encryption

To satisfy the requirement of encryption of data-at-rest, Oracle Fusion Cloud Enterprise Performance Management and Oracle Enterprise Data Management Cloud use Transparent Data Encryption (TDE) to encrypt all data at the tablespace level. Each tablespace has its own encryption key.

Encryption keys are encrypted using a master key. The master key is encrypted using AES-256 encryption and is rotated regularly. The master key is stored in a Hardware Security Module (HSM) for additional security.

Tablespace is also encrypted using AES-256 encryption.