Changing ownership of encryption keys

Changing ownership may occur in the normal course of business, or as part of key recovery following an unforeseen circumstance. This command, when executed by the SSO, transfers key ownership to a named user:

alter encryption key [[database_name].[owner].]keyname
modify owner user_name

where user_name is the name of the user who is to become the new key owner. This user must be a user in the database where the key was created.

For example, if key owner “Razi” is the key custodian and owns the key encr_key, but is being replaced by a new key custodian named “tinnap,” use the following command to change the key ownership:

alter encryption key encr_key modify owner tinnap

Only the SSO or the key owner can run this command.