With transparent data encryption, you can easily encrypt all the data in an application without modifying the application. Database administrators install built applications in the following manner. However, this procedure stores data to the default tablespace, so take necessary action if processing differs from the original design.
(Normal procedure) Create an owner and a database for the built application.
CREATE USER crm_admin ...; CREATE DATABASE crm_db ...;
(Procedure for encryption) Create an encrypted tablespace to store the data for the built application.
SET tablespace_encryption_algorithm = 'AES256'; CREATE TABLESPACE crm_tablespace LOCATION '/crm/data';
(Procedure for encryption) Configure an encrypted tablespace as the default tablespace for the owner of the built application.
ALTER USER crm_admin SET default_tablespace = 'crm_tablespace'; ALTER USER crm_admin SET temp_tablespaces = 'crm_tablespace';
(Normal procedure) Install the built application. The application installer prompts you to enter the host name and the port number of the database server, the user name, and the database name. The installer uses the entered information to connect to the database server and execute the SQL script. For applications that do not have an installer, the database administrator must manually execute the SQL script.
Normally, the application's SQL script includes logic definition SQL statements, such as CREATE TABLE, CREATE INDEX, and GRANT or REVOKE, converted from the entity-relationship diagram. It does not include SQL statements that create databases, users, and tablespaces. Configuring the default tablespace of the users who will execute the SQL script deploys the objects generated by the SQL script to the tablespace.
