Skip to main content

IBM System i Security: Protecting i5/OS Data with Encryption

An IBM Redbooks publication

Note: This is publication is now archived. For reference only.


Published on 24 July 2008

  1. .EPUB (2.3 MB)
  2. .PDF (5.2 MB)

Google Play Books

Share this page:   

ISBN-10: 0738485373
ISBN-13: 9780738485379
IBM Form #: SG24-7399-00

Authors: Yessong Johng, Beth Hagemeister, John Concini, Milan Kalabis and Robin Tatam

    menu icon


    Regulatory and industry-specific requirements, such as SOX, Visa PCI, HIPAA, and so on, require that sensitive data must be stored securely and protected against unauthorized access or modifications. Several of the requirements state that data must be encrypted.

    IBM® i5/OS® offers several options that allow customers to encrypt data in the database tables. However, encryption is not a trivial task. Careful planning is essential for successful implementation of data encryption project. In the worst case, you would not be able to retrieve clear text information from encrypted data.

    This IBM Redbooks® publication is designed to help planners, implementers, and programmers by providing three key pieces of information:

    Part 1, "Introduction to data encryption" on page 1, introduces key concepts, terminology, algorithms, and key management. Understanding these is important to follow the rest of the book.

    If you are already familiar with the general concepts of cryptography and the data encryption aspect of it, you may skip this part.

    Part 2, "Planning for data encryption" on page 37, provides critical information for planning a data encryption project on i5/OS.

    Part 3, "Implementation of data encryption" on page 113, provides various implementation scenarios with a step-by-step guide.

    Table of Contents

    Part 1. Introduction to data encryption

    Chapter 1. Data encryption: the big picture

    Chapter 2. Algorithms, operations, and System i implementations

    Chapter 3. Key management concepts

    Part 2. Planning for data encryption

    Chapter 4. Analyzing needs and defining scope

    Chapter 5. Managing keys on System i

    Chapter 6. Choosing a data encryption method

    Chapter 7. Database considerations

    Chapter 8. Application considerations

    Chapter 9. Backup considerations

    Part 3. Implementation of data encryption

    Chapter 10. SQL method

    Chapter 11. Cryptographic Services APIs method

    Chapter 12. HW-based method

    Appendix A. Additional material


    Others who read this also read