Every organization has the goal and responsibility to ensure data confidentiality, integrity, and authenticity. Cryptographic systems are extensively used to provide the security needed for data transport. Cryptographic systems use keys to lock and unlock the encrypted data. The security and management of these keys is critical to the cryptographic system’s viability.

For IBM® z Systems™, the Host Cryptographic Module keys are the most important keys that you have. Many standards require that the key parts for master keys never be in the clear outside of a Hardware Security Module (HSM). For z Systems, IBM Trusted Key Entry (TKE) is the only appliance that keeps those key parts properly encrypted while generating key material and loading master keys.

This IBM Redbooks® Point-of-View publication reviews the IBM Trusted Key Entry product and the four features that streamline the mission-critical tasks that are performed from the TKE. Proper use of these features increases the speed and accuracy of your Host Cryptographic Module management and reduces the amount of time that you need in the TKE secure room

Securing the keys to your kingdom

Trusted Key Entry is in control

-- Domain grouping

-- Load All New Master Keys

-- The Full Function Migration Wizard

-- The Trusted Key Entry Workstation Setup Wizard

What's next: How IBM can help

Resources for more information