zSeries Crypto Guide Update
An IBM Redbooks publication
Note: This is publication is now archived. For reference only.
This IBM Redbooks publication is designed to help you understand and implement the z/OS Cryptographic PCICC and PCICA cards. Although this book focuses on the enablement of the z/OS PCICC and PCICA products, cryptography and the available services on z/OS are also discussed and explained, with special attention given to the new Trusted Key Entry (TKE 3.1) workstation.
In addition, we look at how Linux for zSeries supports the exploitation of the PCICC and PCICA cryptographic coprocessors by using a generic device driver called z90crypt, which routes the cryptographic work to the PCICC or PCICA cards.
We also describe UDX, which is the facility offered by the S/390 and zSeries PCICC, when running under control of ICSF, to enable users to design and implement their own cryptographic services to be executed in the PCICC itself. This provides maximum flexibility to the PCICC user, along with all the protection that the card can offer.
Ch 1 Introduction
Ch 2 PCICC and PCICA product overview
Ch 3 Planning and hardware installation
Ch 4 Installation, configuration and startup of ICSF
Ch 5 Customizing PCICC and CCF using TKE V3.1
Ch 6 Support functions
Ch 7 Linux for zSeries support of cryptographic coprocessors
App. A PCICC User Defined Extensions (UDX)
App B Callable services access control points
App. C Exploitation of the cryptographic coprocessors
App.D TKE host TCP/IP server setup