Key Management Deployment Guide: Using the IBM Enterprise Key Management Foundation

An IBM Redbooks publication


In an increasingly interconnected world, data breaches grab headlines. The security of sensitive information is vital, and new requirements and regulatory bodies such as the Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA), and Sarbanes-Oxley (SOX) create challenges for enterprises that use encryption to protect their information. As encryption becomes more widely adopted, organizations also must contend with an ever-growing set of encryption keys. Effective management of these keys is essential to ensure both the availability and security of the encrypted information. Centralized management of keys and certificates is necessary to perform the complex tasks that are related to key and certificate generation, renewal, and backup and recovery.

The IBM® Enterprise Key Management Foundation (EKMF) is a flexible and highly secure key management system for the enterprise. It provides centralized key management on IBM zEnterprise® and distributed platforms for streamlined, efficient, and secure key and certificate management operations.

This IBM Redbooks® publication introduces key concepts around a centralized key management infrastructure and depicts the proper planning, implementation, and management of such a system using the IBM Enterprise Key Management Foundation solution.

Table of contents

Part 1. Business context and solution architecture
Chapter 1. Business context for enterprise key management
Chapter 2. Solution architecture
Chapter 3. Deployment, administration, and maintenance
Part 2. Use case scenario
Chapter 4. Overview of scenario, requirements, and approach
Chapter 5. Key management infrastructure setup and deployment
Appendix A. Troubleshooting
Appendix B. Operational procedures

Contact IBM


Publish Date
12 October 2014

Rating: Not yet rated




IBM Form Number

Number of pages