Getting Started with z/OS Data Set Encryption

A draft IBM Redbooks publication

Updated 19 March 2018

Authors: Bill White, Andy Coulson, Jacky Doll, Brad Habbershaw, Cecilia Carranza Lewis, Thomas Liu, Ryan McCarry, Eysha Shirrine Powers, Philippe Richard, Romoaldo Santos


Note that this IBM® Redbooks® publication is under construction. New versions of the draft will be released periodically.

This IBM® Redbooks® publication provides a broad explanation of IBM Z pervasive encryption with a focus on z/OS® data set encryption. It shows how the various hardware and software components interact to enable z/OS data set encryption.

In addition, this book concentrates on the planning of the environment and offers implementation, configuration, and operational examples that can be used in z/OS data set encryption environments.

This publication is useful to IT architects, system programmer, and security administrators who plan for, deploy, and manage security on the Z platform. The reader is expected to have a basic understanding of IBM Z security concepts.

Table of contents

Chapter 1. Protecting data in today's IT environment
Chapter 2. Identifying the components and release levels
Chapter 3. Planning for z/OS data set encryption
Chapter 4. Preparing for z/OS data set encryption
Chapter 5. Deploying z/OS data set encryption
Chapter 6. Auditing z/OS Data Set Encryption
Chapter 7. Maintaining encrypted data sets (coming soon)
Chapter 8. Maintaining the ICSF environment (coming soon)
Chapter 9. Maintaining data set encryption keys (coming soon)
Appendix A. Troubleshooting

Follow IBM Redbooks

Follow IBM Redbooks