Controlling who can use cryptographic keys and services

System authorization facility (SAF) controls
Cryptographic coprocessor access controls for services and utilities
Steps for SAF-protecting ICSF services and CCA keys
Setting up profiles in the CSFSERV general resource class
Setting up profiles in the CSFKEYS general resource class
Enabling use of encrypted keys in Symmetric Key Encipher and Symmetric Key Decipher callable services