Is it possible, using zSecure Audit, to report on those data sets that have had their contents encrypted?
Rising concern and audit findings related to documenting (and proving) a dataset (or list of datasets) have had their contents encrypted.
As of zSecure 1.9, there are two CARLa fields within SMF reporting that may be used for this purpose:
This repeated field contains the key label(s) associated with the event described by the SMF record. It is filled for record type 14 with the label(s) identifying the encryption key used to encrypt the data that was written to tape. For RACF processing records (type 80 and 83, subtype 1), this contains the PKDS key label from relocate section 398. This field can contain up to 64 bytes of text, and is by default shown with that length.
This repeated field contains the encoding for key label(s) associated with the event described by the SMF record. It is filled for record type 14 with either H or L, indicating Hash or Label encoding.
|Security||Tivoli zSecure Audit for ACF2||zAudit ACF2||z/OS||1.10, 1.11, 1.12, 1.13||All Editions|
|Security||Tivoli zSecure Audit for Top Secret||zAudit Top Secret||z/OS||1.10, 1.11, 1.12, 1.13||All Editions|
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.