IBM Tivoli Key Lifecycle Manager for z/OS

An IBM Redpaper publication

Published 06 August 2009

cover image

IBM Form #: REDP-4472-00
(178 pages)

More options

Rate and comment

Authors: Karan Singh, Steven Hart, William C. Johnston, Lynda Kunz, Irene Penney


This IBM® Redbooks® publication provides details of a new offering called IBM Tivoli® Key
Lifecycle Manager. We introduce the product, provide planning suggestions, and detail the
installation of IBM Tivoli Key Lifecycle Manager on the z/OS® operating system running on a
System z® server.
Tivoli Key Lifecycle Manager is IBM’s latest storage device encryption solution. It allows
enterprises to create, manage, backup, and distribute their cryptographic key material from a
single control point. Tivoli Key Lifecycle Manager has evolved from the existing IBM Encryption Key
Manager solution. Unlike IBM Encryption Key Manager, which only provided a key server,
Tivoli Key Lifecycle Manager provides real key management, security policy capabilities, and
a web-based user-interface for ease of use. It leverages the existing security strengths of the
z/OS platform by using Integrated Cryptographic Services Facility (ICSF), System
Authorization Facility (SAF), and Java-based keystores to store all the key material.

Table of contents

Chapter 1. Introduction
Chapter 2. Planning for Tivoli Key Lifecycle Manager and its keystores
Chapter 3. Tivoli Key Lifecycle Manager installation
Chapter 4. Tivoli Key Lifecycle Manager backup and restore
Appendix A. Troubleshooting
Appendix B. Basics of cryptography

Follow IBM Redbooks

Follow IBM Redbooks