To start using HSM based encryption, you need a Master Encryption Key (MEK) that will be stored inside the HSM. The MEK is used to encrypt or decrypt the Oracle database table columns or tablespace.
HSM separates ordinary program functions from encryption operations, making it possible to divide duties between database administrators and security administrators. Security is enhanced because the wallet password can be unknown to the database administrator, requiring the security administrator to provide the password.
The key is secure from unauthorized access attempts as the HSM is a physical device and not an operating system file. All encryption and decryption operations that use the master encryption key are performed inside the HSM. This means that the master encryption key is never exposed in insecure memory.
While performing this integration we have used Linux path in the SQL commands, change the path according to the appropriate operating system.