System z Crypto and TKE Update System z Crypto and TKE Update

System z Crypto and TKE Update

IBM Redbooks

Publisher Description

This IBM® Redbooks® publication provides detailed information about the implementation of hardware cryptography in the System z10® server. We begin by summarizing the history of hardware cryptography on IBM Mainframe servers, introducing the cryptographic support available on the IBM System z10, introducing the Crypto Express3 feature, briefly comparing the functions provided by the hardware and software, and providing a high-level overview of the application programming interfaces available for invoking cryptographic support.

This book then provides detailed information about the Crypto Express3 feature, discussing at length its physical design, its function and usage details, the services that it provides, and the API exposed to the programmer. This book also provides significant coverage of the CP Assist for Cryptographic Functions (CPACF). Details on the history and purpose of the CPACF are provided, along with an overview of cryptographic keys and CPACF usage details. A chapter on the configuration of the hardware cryptographic features is provided, which covers topics such as zeroizing domains and security settings. We examine the software support for the cryptographic functions available on the System z10 server. We look at the recent changes in the Integrated Cryptographic Service Facility (ICSF) introduced with level HCR7770 for the z/OS® operating system. A discussion of PKCS#11 support presents an overview of the standard and provides details on configuration and exploitation of PKCS#11 services available on the z/OS operating system.

The Trusted Key Entry (TKE) Version 6.0 workstation updates are examined in detail and examples are presented on the configuration, usage, and exploitation of the new features. We discuss the cryptographic support available for Linux® on System z®, with a focus on the services available through the IBM Common Cryptographic Architecture (CCA) API. We also provide an overview on Elliptical Curve Cryptography (ECC), along with examples of exploiting ECC using ICSF PKCS#11 services. Sample Rexx and Assembler code is provided that demonstrate the capabilities of CPACF protected keys.

GENRE
Computers & Internet
RELEASED
2011
May 31
LANGUAGE
EN
English
LENGTH
328
Pages
PUBLISHER
IBM Redbooks
SELLER
International Business Machines Corp
SIZE
4
MB

More Books Like This

IBM System i Security: Protecting i5/OS Data with Encryption IBM System i Security: Protecting i5/OS Data with Encryption
IBM System i Security: Protecting i5/OS Data with Encryption
2008
IBM System Storage Data Encryption IBM System Storage Data Encryption
IBM System Storage Data Encryption
2010
Security and Linux on z Systems Security and Linux on z Systems
Security and Linux on z Systems
2018
Implementing the Storwize V7000 and the IBM System Storage SAN32B-E4 Encryption Switch Implementing the Storwize V7000 and the IBM System Storage SAN32B-E4 Encryption Switch
Implementing the Storwize V7000 and the IBM System Storage SAN32B-E4 Encryption Switch
2012
Platform Embedded Security Technology Revealed Platform Embedded Security Technology Revealed
Platform Embedded Security Technology Revealed
2014
A Practical Guide to TPM 2.0 A Practical Guide to TPM 2.0
A Practical Guide to TPM 2.0
2015

More Books by IBM Redbooks

TCP/IP Tutorial and Technical Overview TCP/IP Tutorial and Technical Overview
TCP/IP Tutorial and Technical Overview
2006
Advanced Networking Concepts Applied Using Linux on IBM System z Advanced Networking Concepts Applied Using Linux on IBM System z
Advanced Networking Concepts Applied Using Linux on IBM System z
2012
IPv6 Introduction and Configuration IPv6 Introduction and Configuration
IPv6 Introduction and Configuration
2012
Network Intrusion Prevention Design Guide: Using IBM Security Network IPS Network Intrusion Prevention Design Guide: Using IBM Security Network IPS
Network Intrusion Prevention Design Guide: Using IBM Security Network IPS
2011
IT Security Compliance Management Design Guide with IBM Tivoli Security Information and Event Manager IT Security Compliance Management Design Guide with IBM Tivoli Security Information and Event Manager
IT Security Compliance Management Design Guide with IBM Tivoli Security Information and Event Manager
2010
IBM/Cisco Multiprotocol Routing: An Introduction and Implementation IBM/Cisco Multiprotocol Routing: An Introduction and Implementation
IBM/Cisco Multiprotocol Routing: An Introduction and Implementation
2009

Customers Also Bought

Camelot Crypto 1- Crypto Genesis Camelot Crypto 1- Crypto Genesis
Camelot Crypto 1- Crypto Genesis
2018
The Newbie Guide To Bitcoin The Newbie Guide To Bitcoin
The Newbie Guide To Bitcoin
2018
Crypto Market Cap Crypto Market Cap
Crypto Market Cap
2019
Here's The #1 Secret To Dominating The Crypto World! Here's The #1 Secret To Dominating The Crypto World!
Here's The #1 Secret To Dominating The Crypto World!
2019
Ultimate cryptocurrency guide Ultimate cryptocurrency guide
Ultimate cryptocurrency guide
2019
Cryptocurrency. Your Ultimate Guide Cryptocurrency. Your Ultimate Guide
Cryptocurrency. Your Ultimate Guide
2018