System z Crypto and TKE Update PDF Download
Are you looking for read ebook online? Search for your book and save it on your Kindle device, PC, phones or tablets. Download System z Crypto and TKE Update PDF full book. Access full book title System z Crypto and TKE Update by Karan Singh. Download full books in PDF and EPUB format.
Author: Karan Singh
Publisher: IBM Redbooks
ISBN: 0738435546
Category : Computers
Languages : en
Pages : 328
Get Book Here
Book Description
This IBM® Redbooks® publication provides detailed information about the implementation of hardware cryptography in the System z10® server. We begin by summarizing the history of hardware cryptography on IBM Mainframe servers, introducing the cryptographic support available on the IBM System z10, introducing the Crypto Express3 feature, briefly comparing the functions provided by the hardware and software, and providing a high-level overview of the application programming interfaces available for invoking cryptographic support. This book then provides detailed information about the Crypto Express3 feature, discussing at length its physical design, its function and usage details, the services that it provides, and the API exposed to the programmer. This book also provides significant coverage of the CP Assist for Cryptographic Functions (CPACF). Details on the history and purpose of the CPACF are provided, along with an overview of cryptographic keys and CPACF usage details. A chapter on the configuration of the hardware cryptographic features is provided, which covers topics such as zeroizing domains and security settings. We examine the software support for the cryptographic functions available on the System z10 server. We look at the recent changes in the Integrated Cryptographic Service Facility (ICSF) introduced with level HCR7770 for the z/OS® operating system. A discussion of PKCS#11 support presents an overview of the standard and provides details on configuration and exploitation of PKCS#11 services available on the z/OS operating system. The Trusted Key Entry (TKE) Version 6.0 workstation updates are examined in detail and examples are presented on the configuration, usage, and exploitation of the new features. We discuss the cryptographic support available for Linux® on System z®, with a focus on the services available through the IBM Common Cryptographic Architecture (CCA) API. We also provide an overview on Elliptical Curve Cryptography (ECC), along with examples of exploiting ECC using ICSF PKCS#11 services. Sample Rexx and Assembler code is provided that demonstrate the capabilities of CPACF protected keys.
Author: Karan Singh
Publisher: IBM Redbooks
ISBN: 0738435546
Category : Computers
Languages : en
Pages : 328
Get Book Here
Book Description
This IBM® Redbooks® publication provides detailed information about the implementation of hardware cryptography in the System z10® server. We begin by summarizing the history of hardware cryptography on IBM Mainframe servers, introducing the cryptographic support available on the IBM System z10, introducing the Crypto Express3 feature, briefly comparing the functions provided by the hardware and software, and providing a high-level overview of the application programming interfaces available for invoking cryptographic support. This book then provides detailed information about the Crypto Express3 feature, discussing at length its physical design, its function and usage details, the services that it provides, and the API exposed to the programmer. This book also provides significant coverage of the CP Assist for Cryptographic Functions (CPACF). Details on the history and purpose of the CPACF are provided, along with an overview of cryptographic keys and CPACF usage details. A chapter on the configuration of the hardware cryptographic features is provided, which covers topics such as zeroizing domains and security settings. We examine the software support for the cryptographic functions available on the System z10 server. We look at the recent changes in the Integrated Cryptographic Service Facility (ICSF) introduced with level HCR7770 for the z/OS® operating system. A discussion of PKCS#11 support presents an overview of the standard and provides details on configuration and exploitation of PKCS#11 services available on the z/OS operating system. The Trusted Key Entry (TKE) Version 6.0 workstation updates are examined in detail and examples are presented on the configuration, usage, and exploitation of the new features. We discuss the cryptographic support available for Linux® on System z®, with a focus on the services available through the IBM Common Cryptographic Architecture (CCA) API. We also provide an overview on Elliptical Curve Cryptography (ECC), along with examples of exploiting ECC using ICSF PKCS#11 services. Sample Rexx and Assembler code is provided that demonstrate the capabilities of CPACF protected keys.
Author: Karan Singh
Publisher:
ISBN:
Category :
Languages : en
Pages :
Get Book Here
Book Description
Author: Bill White
Publisher: IBM Redbooks
ISBN: 0738460222
Category : Computers
Languages : en
Pages : 274
Get Book Here
Book Description
This IBM® Redpaper Redbooks® publication provides a broad explanation of data protection through encryption and IBM Z® pervasive encryption with a focus on IBM z/OS® data set encryption. It describes how the various hardware and software components interact in a z/OS data set encryption environment. In addition, this book concentrates on the planning and preparing of the environment and offers implementation, configuration, and operational examples that can be used in z/OS data set encryption environments. This publication is intended for IT architects, system programmer, and security administrators who plan for, deploy, and manage security on the Z platform. The reader is expected to have a basic understanding of IBM Z security concepts.
Author: Lydia Parziale
Publisher: IBM Redbooks
ISBN: 0738456551
Category : Computers
Languages : en
Pages : 38
Get Book Here
Book Description
Integrated Cryptographic Service Facility (ICSF) is a part of the IBM® z/OS® operating system that provides cryptographic functions for data security, data integrity, personal identification, digital signatures, and the management of cryptographic keys. Together with the cryptography features of the IBM Z family, it provides secure, high-performance cryptographic functions (such as the loading of master key values) that enable the hardware features to be used by applications. This IBM RedpaperTM publication briefly describes ICSF and the key elements of z/OS that address different security needs. The audience for this publication is cryptographic administrators and security administrators, and those in charge of auditing security in an organization.
Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738439916
Category : Computers
Languages : en
Pages : 390
Get Book Here
Book Description
In an increasingly interconnected world, data breaches grab headlines. The security of sensitive information is vital, and new requirements and regulatory bodies such as the Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA), and Sarbanes-Oxley (SOX) create challenges for enterprises that use encryption to protect their information. As encryption becomes more widely adopted, organizations also must contend with an ever-growing set of encryption keys. Effective management of these keys is essential to ensure both the availability and security of the encrypted information. Centralized management of keys and certificates is necessary to perform the complex tasks that are related to key and certificate generation, renewal, and backup and recovery. The IBM® Enterprise Key Management Foundation (EKMF) is a flexible and highly secure key management system for the enterprise. It provides centralized key management on IBM zEnterprise® and distributed platforms for streamlined, efficient, and secure key and certificate management operations. This IBM Redbooks® publication introduces key concepts around a centralized key management infrastructure and depicts the proper planning, implementation, and management of such a system using the IBM Enterprise Key Management Foundation solution.
Author: Helmut Hellner
Publisher: IBM Redbooks
ISBN: 0738456918
Category : Computers
Languages : en
Pages : 472
Get Book Here
Book Description
One of a firm's most valuable resources is its data: client lists, accounting data, employee information, and so on. This critical data must be securely managed and controlled, and simultaneously made available to those users authorized to see it. The IBM® z/VSE® system features extensive capabilities to simultaneously share the firm's data among multiple users and protect them. Threats to this data come from various sources. Insider threats and malicious hackers are not only difficult to detect and prevent, they might be using resources with the business being unaware. This IBM Redbooks® publication was written to assist z/VSE support and security personnel in providing the enterprise with a safe, secure and manageable environment. This book provides an overview of the security that is provided by z/VSE and the processes for the implementation and configuration of z/VSE security components, Basic Security Manager (BSM), IBM CICS® security, TCP/IP security, single sign-on using LDAP, and connector security.
Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738440108
Category : Computers
Languages : en
Pages : 332
Get Book Here
Book Description
This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM System z® hardware and software. In an age of increasing security consciousness, IBM System z provides the capabilities to address the needs of today's business security challenges. This publication explores how System z hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. This book highlights the features of IBM z/OS® and other operating systems, which offer various customizable security elements under the Security Server and Communication Server components. This book describes z/OS and other operating systems and additional software that leverage the building blocks of System z hardware to provide solutions to business security needs. This publication's intended audience is technical architects, planners, and managers who are interested in exploring how the security design and features of System z, the z/OS operating system, and associated software address current issues, such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.
Author: Octavian Lascu
Publisher: IBM Redbooks
ISBN: 0738441678
Category : Computers
Languages : en
Pages : 588
Get Book Here
Book Description
Digital business has been driving the transformation of underlying information technology (IT) infrastructure to be more efficient, secure, adaptive, and integrated. IT must be able to handle the explosive growth of mobile clients and employees. It also must be able to process enormous amounts of data to provide deep and real-time insights to help achieve the greatest business impact. This IBM® Redbooks® publication addresses the new IBM z SystemsTM single frame, the IBM z13s server. IBM z Systems servers are the trusted enterprise platform for integrating data, transactions, and insight. A data-centric infrastructure must always be available with a 99.999% or better availability, have flawless data integrity, and be secured from misuse. It needs to be an integrated infrastructure that can support new applications. It also needs to have integrated capabilities that can provide new mobile capabilities with real-time analytics delivered by a secure cloud infrastructure. IBM z13s servers are designed with improved scalability, performance, security, resiliency, availability, and virtualization. The superscalar design allows z13s servers to deliver a record level of capacity over the prior single frame z Systems server. In its maximum configuration, the z13s server is powered by up to 20 client characterizable microprocessors (cores) running at 4.3 GHz. This configuration can run more than 18,000 millions of instructions per second (MIPS) and up to 4 TB of client memory. The IBM z13s Model N20 is estimated to provide up to 100% more total system capacity than the IBM zEnterprise® BC12 Model H13. This book provides information about the IBM z13s server and its functions, features, and associated software support. Greater detail is offered in areas relevant to technical planning. It is intended for systems engineers, consultants, planners, and anyone who wants to understand the IBM z SystemsTM functions and plan for their usage. It is not intended as an introduction to mainframes. Readers are expected to be generally familiar with existing IBM z Systems technology and terminology.
Author: Octavian Lascu
Publisher: IBM Redbooks
ISBN: 0738438863
Category : Computers
Languages : en
Pages : 568
Get Book Here
Book Description
The popularity of the Internet and the affordability of IT hardware and software have resulted in an explosion of applications, architectures, and platforms. Workloads have changed. Many applications, including mission-critical ones, are deployed on various platforms, and the IBM® System z® design has adapted to this change. It takes into account a wide range of factors, including compatibility and investment protection, to match the IT requirements of an enterprise. This IBM Redbooks® publication addresses the new IBM zEnterprise® System. This system consists of the IBM zEnterprise EC12 (zEC12), an updated IBM zEnterprise Unified Resource Manager, and the IBM zEnterprise BladeCenter® Extension (zBX) Model 003. The zEC12 is designed with improved scalability, performance, security, resiliency, availability, and virtualization. The superscalar design allows the zEC12 to deliver a record level of capacity over the prior System z servers. It is powered by 120 of the world's most powerful microprocessors. These microprocessors run at 5.5 GHz and are capable of running more than 75,000 millions of instructions per second (MIPS). The zEC12 Model HA1 is estimated to provide up to 50% more total system capacity than the IBM zEnterprise 196 (z196) Model M80. The zBX Model 003 infrastructure works with the zEC12 to enhance System z virtualization and management. It does so through an integrated hardware platform that spans mainframe, IBM POWER7®, and IBM System x® technologies. Through the Unified Resource Manager, the zEnterprise System is managed as a single pool of resources, integrating system and workload management across the environment. This book provides information about the zEnterprise System and its functions, features, and associated software support. Greater detail is offered in areas relevant to technical planning. It is intended for systems engineers, consultants, planners, and anyone who wants to understand the zEnterprise System functions and plan for their usage. It is not intended as an introduction to mainframes. Readers are expected to be generally familiar with existing IBM System z® technology and terminology.
Author: Karan Singh
Publisher: IBM Redbooks
ISBN: 0738439800
Category : Computers
Languages : en
Pages : 286
Get Book Here
Book Description
The ABCs of IBM® z/OS® System Programming is an 11-volume collection that provides an introduction to the z/OS operating system and the hardware architecture. Whether you are a beginner or an experienced system programmer, the ABCs collection provides the information that you need to start your research into z/OS and related subjects. If you want to become more familiar with z/OS in your current environment or if you are evaluating platforms to consolidate your e-business applications, the ABCs collection can serve as a powerful technical tool. Following are the contents of the volumes: Volume 1: Introduction to z/OS and storage concepts, TSO/E, ISPF, JCL, SDSF, and z/OS delivery and installation Volume 2: z/OS implementation and daily maintenance, defining subsystems, JES2 and JES3, LPA, LNKLST, authorized libraries, IBM Language Environment®, and SMP/E Volume 3: Introduction to DFSMS, data set basics, storage management hardware and software, VSAM, System-managed storage, catalogs, and DFSMStvs Volume 4: Communication Server, TCP/IP, and IBM VTAM® Volume 5: Base and IBM Parallel Sysplex®, System Logger, Resource Recovery Services (RRS), global resource serialization (GRS), z/OS system operations, automatic restart management (ARM), and IBM Geographically Dispersed Parallel SysplexTM (IBM GDPS®) Volume 6: Introduction to security, IBM RACF®, digital certificates and public key infrastructure (PKI), Kerberos, cryptography and IBM z9® integrated cryptography, Lightweight Directory Access Protocol (LDAP), and Enterprise Identity Mapping (EIM) Volume 7: Printing in a z/OS environment, Infoprint Server, and Infoprint Central Volume 8: An introduction to z/OS problem diagnosis Volume 9: z/OS UNIX System Services Volume 10: Introduction to IBM z/Architecture®, IBM System z® processor design, System z connectivity, logical partition (LPAR) concepts, hardware configuration definition (HCD), and Hardware Management Console (HMC) Volume 11: Capacity planning, performance management, Workload Manager (WLM), IBM Resource Measurement FacilityTM (RMFTM), and System Management Facilities (SMF)
