Operator commands for IBM Security Key Lifecycle Manager for z/OS 1.1

Learn how to centralize and automate the encryption key-management process

Learn how to implement operator commands to control IBM Security Key Lifecycle Manager (ISKLM) for z/OS® from the console of a mainframe. The goal is to centralize and automate the encryption key-management process, reduce the number of encryption keys, and consolidate encryption key management while facilitating compliance for regulatory standards that require strong hardware encryption.

developerWorks security editors, Staff, IBM

Security icon imageThis article is brought to you by the editors of the developerWorks Security site.



10 September 2013

IBM expert Ori Pomerantz has been securing computer networks (and showing others how to do it too) since 1995. Pomerantz joined IBM in 2003 and since then, he has written classes on several IBM security products, including IBM Security zSecure™. He is also a co-author of the IBM Press publication Mainframe Basics for Security Professionals: Getting Started with RACF, 2007. In this whitepaper, "IBM Security Key Lifecycle Manager for z/OS 1.1: Operator Commands", Pomerantz helps you learn how to implement operator commands to control IBM Security Key Lifecycle Manager (ISKLM) for z/OS from the console of a mainframe. This task requires two prerequisites that you will discover:

  • How to run Java™ programs from jobs
  • How to create a started task to be able to issue commands to ISKLM

See Download for the full white paper.

What you will learn

Pomerantz covers the following instructions in this paper:

  • How to run Java programs from JCL jobs. (JCL, or Job Control Language, is a scripting language used on IBM mainframe operating systems to instruct the system on how to run a batch job or start a subsystem. There are two IBM JCLs: One that descends from DOS/360 and whose latest member is z/VSE and one that descends from OS/360 to z/OS. They share some basic syntax rules and a few basic concepts, but are otherwise different.) You'll learn about:
    • The z/OS program that runs the Java virtual machine, JVMLDM
    • The JCL procedure that contains configuration parameters that pertain to the JVM and are unlikely to change between jobs, JVMPRC as well as how to edit this
    • An example JCL job that uses JVMLDM and JVMPRC to run a Java class, JVMJCL as well as how to edit it
  • How to verify the JCL works, including changing the Java class
  • Managing started tasks, JCL jobs that are stored in specific data sets. You'll learn to:
    • Add a data set to the started task data set list
    • Create a started task
    • Test the started task
  • Finally, you'll learn about the ISKLM started task files — the environment setup script ISKLMENV and the started task file ISKLM — and how to control ISKLM from a started task.

Download

DescriptionNameSize
Whitepaperisklm_zos_oper_cmds.pdf698KB

Resources

Learn

Get products and technologies

  • Evaluate IBM products in the way that suits you best: Download a product trial, try a product online, or use a product in a cloud environment.

Discuss

  • Get involved in the developerWorks Community. Connect with other developerWorks users while exploring the developer-driven blogs, forums, groups, and wikis.

Comments

developerWorks: Sign in

Required fields are indicated with an asterisk (*).


Need an IBM ID?
Forgot your IBM ID?


Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.

 


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name



The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.

 


All information submitted is secure.

Dig deeper into Security on developerWorks


  • Bluemix Developers Community

    Get samples, articles, product docs, and community resources to help build, deploy, and manage your cloud apps.

  • Security

    Pragmatic, intelligent, risk-based IT Security practices.

  • DevOps Services

    Software development in the cloud. Register today to create a project.

  • IBM evaluation software

    Evaluate IBM software and solutions, and transform challenges into opportunities.

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Security
ArticleID=943466
ArticleTitle=Operator commands for IBM Security Key Lifecycle Manager for z/OS 1.1
publish-date=09102013