Skip to main content

Streamline Management of the IBM z Systems Host Cryptographic Module Using IBM Trusted Key Entry

An IBM Redpaper publication


Published on 12 November 2015

  1. .PDF (0.9 MB)

Share this page:   

ISBN-10: 0738454702
ISBN-13: 9780738454702
IBM Form #: REDP-5305-00

Authors: J. Garry Sullivan

    menu icon


    Every organization has the goal and responsibility to ensure data confidentiality, integrity, and authenticity. Cryptographic systems are extensively used to provide the security needed for data transport. Cryptographic systems use keys to lock and unlock the encrypted data. The security and management of these keys is critical to the cryptographic system’s viability.

    For IBM® z Systems™, the Host Cryptographic Module keys are the most important keys that you have. Many standards require that the key parts for master keys never be in the clear outside of a Hardware Security Module (HSM). For z Systems, IBM Trusted Key Entry (TKE) is the only appliance that keeps those key parts properly encrypted while generating key material and loading master keys.

    This IBM Redbooks® Point-of-View publication reviews the IBM Trusted Key Entry product and the four features that streamline the mission-critical tasks that are performed from the TKE. Proper use of these features increases the speed and accuracy of your Host Cryptographic Module management and reduces the amount of time that you need in the TKE secure room

    Table of Contents

    Securing the keys to your kingdom

    Trusted Key Entry is in control

    -- Domain grouping

    -- Load All New Master Keys

    -- The Full Function Migration Wizard

    -- The Trusted Key Entry Workstation Setup Wizard

    What's next: How IBM can help

    Resources for more information


    Others who read this also read