Trusted Key Entry (Tke) - IBM Z10 Installation Manual

Business class

Hide thumbs Also See for Z10:

Reference manual (67 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

page of 132

/ 132
Contents
Table of Contents
Bookmarks

Table of Contents

Level 03c, May 2011

Trusted key entry (TKE)

The z10 BC server may have a Crypto Express2 feature for applications where

extensive data security is required. For these systems, there is a separate console

available for authorized access to the Crypto Express2 feature. This console is

named the Trusted Key Entry (TKE) workstation.

The TKE workstation, FC 0839, includes a system unit, 510.5 mm (20 inch) flat

panel display, mouse, keyboard, and line cord. The built-in Ethernet adapter

supports a link data rate of 10, 100, or 1000 Mbps. A DVD RAM drive is available

for installation of Licensed Machine Code.

The TKE workstation attaches to the customer LAN, providing a security-rich,

flexible method of providing master key and operational key entry to locally and

remotely managed Cryptographic Coprocessor features.

TKE with optional Smart Card Reader, FC 0885 or FC 0887, allows access to and

use of confidential data on the Smart Card, protected by a user defined personal

identification number (PIN) code providing secure storage, access, transport and

entry of master and operational key parts into the TKE workstation. The following

characteristics pertain to the Smart Card Reader:

1. The Smart Card Reader (SCR) is an optional security device that attaches to

the TKE.

2. The Smart Card Reader provides swipe card function thus further restricting

access to the TKE.

3. Feature Code 0885, contains two Smart Card Readers, two serial port 'Y'

adapters, two serial cables, and 20 blank Smart Cards. The cables provide both

power source for the SCR and the communication path between the SCR and

the TKE workstation.

4. A TKE workstation and the TKE 5.0 or later level code are co-requisites for

ordering the Smart Card reader.

5. Any existing TKE workstation with a code level lower than 5.0 will have to be

replaced with a FC 0839 workstation and FC 0854 code (level 5.3) to work with

a TKE workstation ordered for your z10 BC server.

6. FC 0888 provides the ability to order additional blank Smart Cards. The Smart

Card Reader is a co-requisite for ordering additional Smart Cards.

To use the TKE function on z10 BC servers, the Crypto Express2 feature, TKE 5.3

code (FC 0854), and CP Assist for Cryptographic Function (FC 3863) must be

installed.

v TKE 5.x workstations may be used to control cryptographic functions on z10

™

, z10 BC, z9 EC

v TKE 4.x workstations may be used to control cryptographic functions on z990,

z890, and previous servers.

v TKE 3.x workstations may be used to control cryptographic functions on z900,

z800, and previous servers.

The TKE workstation requires two 110/120 volt outlets in the U.S. and Canada.

Power requirements vary in other countries.

Chapter 6. Hardware Management Console and support element communications

, z9 BC, z990, z890, z900, and z800 servers.

Table of Contents

Trusted Key Entry (Tke) - IBM Z10 Installation Manual

Trusted key entry (TKE)

Related Manuals for IBM Z10

Related Content for IBM Z10

Table of Contents