About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Abstract
Every organization has the goal and responsibility to ensure data confidentiality, integrity, and authenticity. Cryptographic systems are extensively used to provide the security needed for data transport. Cryptographic systems use keys to lock and unlock the encrypted data. The security and management of these keys is critical to the cryptographic system’s viability.
For IBM® z Systems™, the Host Cryptographic Module keys are the most important keys that you have. Many standards require that the key parts for master keys never be in the clear outside of a Hardware Security Module (HSM). For z Systems, IBM Trusted Key Entry (TKE) is the only appliance that keeps those key parts properly encrypted while generating key material and loading master keys.
This IBM Redbooks® Point-of-View publication reviews the IBM Trusted Key Entry product and the four features that streamline the mission-critical tasks that are performed from the TKE. Proper use of these features increases the speed and accuracy of your Host Cryptographic Module management and reduces the amount of time that you need in the TKE secure room
Table of Contents
Securing the keys to your kingdom
Trusted Key Entry is in control
-- Domain grouping
-- Load All New Master Keys
-- The Full Function Migration Wizard
-- The Trusted Key Entry Workstation Setup Wizard
What's next: How IBM can help
Resources for more information
