Skip to main content

IBM Tivoli Key Lifecycle Manager for z/OS

An IBM Redpaper publication

Note: This is publication is now archived. For reference only.


Published on 07 August 2009

  1. .PDF (2.3 MB)

Share this page:   

IBM Form #: REDP-4472-00

Authors: Karan Singh, Steven Hart, William C. Johnston, Lynda Kunz and Irene Penney

    menu icon


    This IBM® Redbooks® publication provides details of a new offering called IBM Tivoli® Key

    Lifecycle Manager. We introduce the product, provide planning suggestions, and detail the

    installation of IBM Tivoli Key Lifecycle Manager on the z/OS® operating system running on a

    System z® server.

    Tivoli Key Lifecycle Manager is IBM’s latest storage device encryption solution. It allows

    enterprises to create, manage, backup, and distribute their cryptographic key material from a

    single control point. Tivoli Key Lifecycle Manager has evolved from the existing IBM Encryption Key

    Manager solution. Unlike IBM Encryption Key Manager, which only provided a key server,

    Tivoli Key Lifecycle Manager provides real key management, security policy capabilities, and

    a web-based user-interface for ease of use. It leverages the existing security strengths of the

    z/OS platform by using Integrated Cryptographic Services Facility (ICSF), System

    Authorization Facility (SAF), and Java-based keystores to store all the key material.

    Table of Contents

    Chapter 1. Introduction

    Chapter 2. Planning for Tivoli Key Lifecycle Manager and its keystores

    Chapter 3. Tivoli Key Lifecycle Manager installation

    Chapter 4. Tivoli Key Lifecycle Manager backup and restore

    Appendix A. Troubleshooting

    Appendix B. Basics of cryptography