Encryption Facility for z/OS Version 1.10

An IBM Redbooks publication


This IBM Redbooks publication introduces IBM Encryption Facility for z/OS, Program Product 5655-P97, from the description of its principles of operation to information related to its setup intended for system programmers and security officers.

We include recommendations, based on our own experience, in the chapters addressing these topics, including warnings and explanations about problems we discovered during our own trials.

This book provides also several examples of the use of the following Encryption Facility for z/OS features:

  • Encryption Services
  • Encryption Facility for z/OS Java Client
  • DFSMSdss Encryption feature

This book also addresses in detail the many options proposed by the product and provides you with considerations and recommendations regarding proper selection of these options in the planned context of use.

Table of contents

Chapter 1. What the Encryption Facility for z/OS is and is not
Chapter 2. System z integrated cryptography: A reminder
Chapter 3. Principles of operation and hardware and software requirements for the Encryption Facility
Chapter 4. Planning for the Encryption Facility for z/OS
Chapter 5. Encryption Services to Encryption Services/ Decryption Client
Chapter 6. Relevant certificate services in z/OS and use considerations
Chapter 7. RACF protection of Encryption Facility for z/OS resources
Chapter 8. The DFSMSdss Encryption feature
Chapter 9. Using the Encryption Facility Java Client on z/OS
Appendix A. Encryption Facility for z/OS: Features compatibility
Appendix B. Some encryption basics
Appendix C. Encryption Facility for z/OS: Performance and sizing
Appendix D. EBCDIC and ASCII
Appendix E. A simple installation verification program


Publish Date
23 January 2007

(based on 1 review)




IBM Form Number

Number of pages