This IBM® Redbooks® publication discusses IBM System Storage Open Systems Tape Encryption solutions. It specifically describes Tivoli Key Lifecycle Manager (TKLM) Version 2, which is a Java software program that manages keys enterprise-wide and provides encryption-enabled tape drives with keys for encryption and decryption.

The book explains various methods of managing IBM tape encryption. These methods differ in where the encryption policies reside, where key management is performed, whether a key manager is required, and if required, how the tape drives communicate with it.

The security and accessibility characteristics of encrypted data create considerations for clients which do not exist with storage devices that do not encrypt data. Encryption key material must be kept secure from disclosure or use by any agent that does not have authority to it; at the same time it must be accessible to any agent that has both the authority and need to use it at the time of need.

This book is written for readers who need to understand and use the various methods of managing IBM tape encryption.

Chapter 1. Introduction to tape encryption

Chapter 2. IBM tape encryption methods

Chapter 3. IBM System Storage tape and tape automation for encryption

Chapter 4. Planning for software and hardware

Chapter 5. Planning for Tivoli Key Lifecycle Manager V2

Chapter 6. TKLM Windows installation

Chapter 7. TKLM Linux installation

Chapter 8. TKLM operational considerations

Chapter 9. Administration