The IBM Integrated Cryptographic Service Facility provides services to create, access, and maintain encryption keys. These services are provided through a Cryptographic Service Facility task that must be started on each system that utilizes the service.
For information about the steps to install, initialize, and customize the startup task and ICSF data sets, see the IBM z/OS Integrated Cryptographic Service Facility System Programmers Guide.
Key Labels
The Advanced Encryption Standard (AES) keys are stored in clear form in the ICSF CKDS data set and assigned a name known as a key label. For the output management products, these key labels begin with CAOMPROD. A special ICSF key label named CAOMCKDS.LABEL is also created for each unique ICSF configuration.
Important! We recommend that you make regular backups of the ICSF CKDS data sets. If information in the ICSF CKDS data set is lost or destroyed, data encrypted with these keys is unusable.
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|