Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Cryptography facility z/OS Communications Server: SNA Network Implementation Guide SC27-3672-01 |
|
The cryptography facility protects the confidentiality of data transmitted between network resources by enciphering and deciphering session data. Cryptography is available for both LU 6.2 and non-LU 6.2 sessions. Support is available for both switched and nonswitched LUs. However, support is not available for binary synchronous communication (BSC) or local non-SNA devices. The facility establishes cryptographic sessions for application programs and peripheral node LUs that require cryptographic services. For an LU to have a cryptographic session, the host processor must support cryptography. The encryption facility provides two levels of cryptographic sessions:
The encryption facility uses services provided by the z/OS® Integrated Cryptographic Service Facility (ICSF) and S/390® Cryptographic Co-Processor. ICSF is a licensed program that runs under MVS™ and provides access to the hardware cryptographic feature for programming applications. The combination of the hardware cryptographic feature and ICSF provides secure high-speed cryptographic services. Tip: You might be able to use cryptographic products other
than ICSF if the cryptographic product runs in one of the supported
modes of operation. The following terms are used to see cryptographic
products that support one of these modes of operation:
Requirement: Triple-DES 24-byte encryption
requires the use of Common Cryptographic Architecture (CCA). CCA defines
a set of cryptographic functions, external interfaces, and a set of
key management rules that provide a consistent, end-to-end cryptographic
architecture across different IBM® platforms.
The cryptographic facilities provide services that include handling requests that VTAM® receives to generate a cryptographic key. The cryptographic key is used to encipher and decipher session data. Using dynamic cryptographic keys, you can do the following actions:
|
Copyright IBM Corporation 1990, 2014
|