You can implement data encryption by using
the encryption
field procedure as part of a table unload and reload operation. Data
is encrypted but not compressed.
Before you begin
You must have in
your exit library an encryption field procedure
that was created by using
InfoSphere® Guardium
Data Encryption.
About this task
You can encrypt sensitive columns that are defined to
a table by completing one of the methods in the following procedure:
Procedure
- Unload, drop, and then reload the database.
- Unload the DB2® database.
If the database already has a field procedure, you must unload it
by using that field procedure. Make sure that the database is offline
and was successfully unloaded (awaiting reload) before you proceed.
- Install the encryption field procedure.
- Redefine the table or tables, which involves
dropping
and re-creating the table or tables and all dependent objects. Specify
the FIELDPROC option and the name of the encrypting field procedure.
Tip: The IBM® DB2 Administration Tool can help
you complete these tasks.
- Reload
the table or tables to encrypt the data when
it is loaded.
- Use the
ALTER ADD NEW COLUMN statement to point to the
FIELDPROC. An application can then run and encrypt
the columns without affecting DB2 availability.