All keys are stored in a central repository with metadata such as activation dates and usage. By storing all key material in this central repository, backup can be easily achieved by including the database in existing backup procedures. This facilitates easy recovery if keys are lost.
By employing automated, semiautomated, and bulk key management processes, workflow can be improved to enable your organization to effectively manage high key volumes.
Key generation takes place within the IBM 47675 cryptographic coprocessor where keys are generated with a random generator.
Role-based access control
The Enterprise Key Management Foundation-Web Edition access control system is role-based and controls the access to functions and keys. The security administrator can define functions and keys that are available for each role and assign users to these roles.
Enterprise Key Management Foundation – Web Edition roles can be configured to require that two or more persons must be involved to generate, activate, and distribute keys, thus providing dual control for all operations.
Every important activity is logged in an IBM Db2 table and in z/OS System Management Facility, if available.
A data set dashboard function providing an overview of data sets that are encryptable, already encrypted, or not encryptable. Various search options on this dashboard make it easy to get an overview of the encryption status on an IBM Z server.
z/OS 2.3 and above
One of the following IBM servers:
z14 (all models)
z15 (all models)
We finance possibilities
Maximize your purchasing power with flexible payment options and competitive rates for IBM software, services, systems and solutions.