Key Management Deployment Guide: Using the IBM Enterprise Key Management Foundation

An IBM Redbooks publication

Published 12 October 2014

cover image

ISBN-10: 0738439916
ISBN-13: 9780738439914
IBM Form #: SG24-8181-00
(386 pages)

More options

Rate and comment

Authors: Axel Buecker, Mike Andreasen, Carsten Dahl Frehr, W. Craig Johnston, Alina Mot, Troels Norgaard, Soren Peen, Per Snowman


In an increasingly interconnected world, data breaches grab headlines. The security of sensitive information is vital, and new requirements and regulatory bodies such as the Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA), and Sarbanes-Oxley (SOX) create challenges for enterprises that use encryption to protect their information. As encryption becomes more widely adopted, organizations also must contend with an ever-growing set of encryption keys. Effective management of these keys is essential to ensure both the availability and security of the encrypted information. Centralized management of keys and certificates is necessary to perform the complex tasks that are related to key and certificate generation, renewal, and backup and recovery.

The IBM® Enterprise Key Management Foundation (EKMF) is a flexible and highly secure key management system for the enterprise. It provides centralized key management on IBM zEnterprise® and distributed platforms for streamlined, efficient, and secure key and certificate management operations.

This IBM Redbooks® publication introduces key concepts around a centralized key management infrastructure and depicts the proper planning, implementation, and management of such a system using the IBM Enterprise Key Management Foundation solution.

Table of contents

Part 1. Business context and solution architecture
Chapter 1. Business context for enterprise key management
Chapter 2. Solution architecture
Chapter 3. Deployment, administration, and maintenance
Part 2. Use case scenario
Chapter 4. Overview of scenario, requirements, and approach
Chapter 5. Key management infrastructure setup and deployment
Appendix A. Troubleshooting
Appendix B. Operational procedures

Follow IBM Redbooks

Follow IBM Redbooks