I have a requirement to store data in encrypted form in the table(all columns) not in clear text which is considered sensitive .I know this could be implemeted with Access Control(FGAC with column masking)) but even DBA's should not have the acess to it.Clientr doesn't have licence for Vault and they're not planning to it get it either.
I have been reading about dbms_crypto which has cryptographic functions to encrypt and decrypt functions but not sure how to encrypt the entire columns of table and also the key management,the security team needs the key to be on the filesystem and locked down by master encryption key.
I have been trying to find an example of storing key on filesystem with key protected with master key but didn't find it ,can you please help me how i could achieve this with an example i would really appreciate it.
and also,How could application would make a call to the file to decrypt it?
Thanks in Adavnce.