By default, encryption and decryption are handled by the remote Adaptive Server. CIS makes a one-time check for encrypted columns on the remote Adaptive Server. If the remote Adaptive Server supports encryption, CIS updates the local syscolumns catalog with the encrypted-column-related metadata as follows:
create proxy_table automatically updates syscolumns with any encrypted-column information from the remote tables.
create existing table automatically updates syscolumns with any encrypted-column metadata from the remote tables. The encrypt keyword is not allowed in the columnlist for create existing table. CIS automatically marks columns as encrypted if it finds any encrypted columns on the remote table.
create table at the location with encrypted columns is not allowed.
alter table is not allowed on encrypted columns for proxy tables.
select into existing brings the plain text from the source and inserts it into destination table. The local Adaptive Server then encrypts the plain text before insertion into any encrypted columns.
The following columns are updated from the remote server’s syscolumns catalog:
encrtype – type of data on disk.
encrlen – length of encrypted data.
status2 – status bits that indicate that column is encrypted.
