Transparent Data Encryption requires a specific area to hold your encryption policies. To protect your policies, you cannot perform any record operations on the policy data with an ABL or SQL client. The encryption policy area has the following restrictions and characteristics:
The area must be named "Encryption Policy Area" and the type token in your structure (.st) file must be an "e".
The area number of the Encryption Policy Area must be greater than the area number of the Schema area.
The area must be a Type II area.
The first line defining the Encryption Policy Area in your structure (.st) file must contain both the area name and the area number.
If the area definition in your structure file omits the area cluster size, the size defaults to the value of CLUSTERSIZE_DEFAULT (8 blocks per cluster).
If the area number and the records per block values are omitted, the values are assigned following the rules for data areas.
After the first definition line in the structure file, subsequent lines may omit the area name, area number, records per block, and cluster size values.
To add an Encryption Policy Area to your database:
1. Create a structure (.st) file describing the Encryption Policy Area. For example:
e "Encryption Policy Area":12,32;64 . f 1024
e "Encryption Policy Area":12,32;64 .
2. Add the Encryption Policy Area to your database with PROSTRCT ADD. For example:
prostrct add mydb encrypt_policy_area.st
3. Create a new structure file for your database that reflects the added Encryption Policy area with PROSTRCT LIST. For example: