Regulatory and industry-specific requirements, such as SOX, Visa PCI, HIPAA, and so on, require that sensitive data must be stored securely and protected against unauthorized access or modifications. Several of the requirements state that data must be encrypted.

IBM® i5/OS® offers several options that allow customers to encrypt data in the database tables. However, encryption is not a trivial task. Careful planning is essential for successful implementation of data encryption project. In the worst case, you would not be able to retrieve clear text information from encrypted data.

This IBM Redbooks® publication is designed to help planners, implementers, and programmers by providing three key pieces of information:

Part 1, "Introduction to data encryption" on page 1, introduces key concepts, terminology, algorithms, and key management. Understanding these is important to follow the rest of the book.

If you are already familiar with the general concepts of cryptography and the data encryption aspect of it, you may skip this part.

Part 2, "Planning for data encryption" on page 37, provides critical information for planning a data encryption project on i5/OS.

Part 3, "Implementation of data encryption" on page 113, provides various implementation scenarios with a step-by-step guide.

Part 1. Introduction to data encryption

Chapter 1. Data encryption: the big picture

Chapter 2. Algorithms, operations, and System i implementations

Chapter 3. Key management concepts

Part 2. Planning for data encryption

Chapter 4. Analyzing needs and defining scope

Chapter 5. Managing keys on System i

Chapter 6. Choosing a data encryption method

Chapter 7. Database considerations

Chapter 8. Application considerations

Chapter 9. Backup considerations

Part 3. Implementation of data encryption

Chapter 10. SQL method

Chapter 11. Cryptographic Services APIs method

Chapter 12. HW-based method

Appendix A. Additional material