Streamline Management of the IBM z Systems Host Cryptographic Module Using IBM Trusted Key Entry

An IBM Redbooks Point-of-View publication

Published 12 November 2015

cover image

ISBN-10: 0738454702
ISBN-13: 9780738454702
IBM Form #: REDP-5305-00
(10 pages)

More options

Rate and comment

Authors: Garry J. Sullivan


Every organization has the goal and responsibility to ensure data confidentiality, integrity, and authenticity. Cryptographic systems are extensively used to provide the security needed for data transport. Cryptographic systems use keys to lock and unlock the encrypted data. The security and management of these keys is critical to the cryptographic system’s viability.

For IBM® z Systems™, the Host Cryptographic Module keys are the most important keys that you have. Many standards require that the key parts for master keys never be in the clear outside of a Hardware Security Module (HSM). For z Systems, IBM Trusted Key Entry (TKE) is the only appliance that keeps those key parts properly encrypted while generating key material and loading master keys.

This IBM Redbooks® Point-of-View publication reviews the IBM Trusted Key Entry product and the four features that streamline the mission-critical tasks that are performed from the TKE. Proper use of these features increases the speed and accuracy of your Host Cryptographic Module management and reduces the amount of time that you need in the TKE secure room

Table of contents

Securing the keys to your kingdom
Trusted Key Entry is in control
-- Domain grouping
-- Load All New Master Keys
-- The Full Function Migration Wizard
-- The Trusted Key Entry Workstation Setup Wizard
What's next: How IBM can help
Resources for more information

Follow IBM Redbooks

Follow IBM Redbooks