6947ch05.fm

Draft Document for Review April 7, 2004 6:15 pm

5.3.5 TKE workstation feature

A TKE workstation is part of a customized solution for using the Integrated Cryptographic Service Facility for z/OS program product to manage cryptographic keys of a z990 that has PCIX Cryptographic Coprocessor features installed and configured for using Data Encryption Standard (DES) and Public Key Algorithm (PKA) cryptographic keys.

The TKE workstation provides secure control of the PCIX Cryptographic Coprocessor features, including loading of master keys.

If one or more logical partitions are customized for using PCIX Cryptographic Coprocessors, the TKE workstation can be used to manage DES master keys and PKA master keys for all cryptographic domains of each PCIX Cryptographic Coprocessor feature assigned to logical partitions defined to the TKE workstation.

Each logical partition using a domain managed through a TKE workstation connection is either a TKE host or a TKE target. A logical partition with TCP/IP connection to the TKE is referred to as TKE host; all other partitions are TKE targets.

The cryptographic controls set for a logical partition, through the z990 Support Element, determine whether it can be a TKE host or TKE target.

5.4 Cryptographic features comparison

Table 5-2 on page 128 summarizes the functions and attributes of the cryptographic hardware features.

Table 5-2 Cryptographic features comparison

Functions or Attributes

CPACF

PCIXCC

PCICA

 

 

 

 

Supports z/OS applications using ICSF

X

X

X

 

 

 

 

Supports OS/390 applications using ICSF

X

X

X

 

 

 

 

Encryption and decryption using secret-key algorithm

 

X

 

 

 

 

 

Provides highest SSL handshake performance

 

 

X (1)

Provides highest symmetric (clear key) encryption performance

X

 

 

 

 

 

 

Provides highest asymmetric (clear key) encryption performance

 

 

X

 

 

 

 

Provides highest asymmetric (encrypted key) encryption

 

X

 

performance

 

 

 

 

 

 

 

Disruptive process to enable

 

(2)

(2)

 

 

 

 

Requires IOCDS definition

 

 

 

 

 

 

 

Uses CHPID numbers

 

 

 

 

 

 

 

Is assigned PCHIDs

 

X (4)

X (4)

Physically imbedded on each Central Processor (CP)

X

 

 

 

 

 

 

Requires CP Assist for Cryptographic Function enablement

X

X

X (3)

Requires ICSF to be active

 

X

X

 

 

 

 

Offers user programming function support (UDX)

 

X

 

 

 

 

 

128IBM eServer zSeries 990 Technical Guide

Page 141 Page 143
Page 142
Image 142
IBM 990 manual Cryptographic features comparison, TKE workstation feature, Functions or Attributes
Page 141 Page 143

990 specifications

The IBM 990 series, often referred to in the context of IBM's pioneering efforts in the realm of mainframe computing, represents a unique chapter in the history of information technology. Introduced in the late 1960s, the IBM 990 series was designed as a powerful tool for enterprise-level data processing and scientific calculations, showcasing the company's commitment to advancing computing capabilities.

One of the main features of the IBM 990 was its architecture, which was built to support a wide range of applications, from business processing to complex scientific computations. The system employed a 32-bit word length, which was advanced for its time, allowing for more flexible and efficient data handling. CPUs in the IBM 990 series supported multiple instructions per cycle, which contributed significantly to the overall efficiency and processing power of the machines.

The technology behind the IBM 990 was also notable for its use of solid-state technology. This provided a shift away from vacuum tube systems that were prevalent in earlier computing systems, enhancing the reliability and longevity of the hardware. The IBM 990 series utilized core memory, which was faster and more reliable than the magnetic drum memory systems that had been standard up to that point.

Another defining characteristic of the IBM 990 was its extensibility. Organizations could configure the machine to suit their specific needs by adding memory, storage, and peripheral devices as required. This modular approach facilitated the growth of systems alongside the technological and operational demands of the business environments they served.

In terms of software, the IBM 990 series was compatible with a variety of operating systems and programming environments, including FORTRAN and COBOL, enabling users to access a broader array of applications. This versatility was a significant advantage, making the IBM 990 an appealing choice for educational institutions, research facilities, and enterprises alike.

Moreover, the IBM 990 was engineered to support multiprocessing, which allowed multiple processes to run simultaneously, further increasing its effectiveness in tackling complex computing tasks.

In summary, the IBM 990 series represents a significant advancement in computing technology during the late 20th century. With a robust architecture, versatile configuration options, and a focus on solid-state technology, the IBM 990 facilitated substantial improvements in data processing capabilities, making it a cornerstone for many businesses and academic institutions of its time. Its impact can still be seen today in the continued evolution of mainframe computing.
Top Page Image Contents