Pervasive Encryption is for Extended Format data sets, so it is limited to disk
data sets. (You could use the Encryption Facility for tape data sets.)
When you allocate the data set it will be flagged as a 'Pervasive Encrypted'
data set. (I'm not sure what terminology IBM is using for such a
Mike Baldwin wrote:
>It would be helpful to know if there is an intent to extend this feature
to the
>tape device class,or if customers need to differentiate between datasets
written
>to disk (potentially encrypted) and tape (needing a different encryption
technique,
>or change to disk and then
There has been at least one SHARE presentation on this. The one I
know about was session 20612 at San Jose 2017. It covers the basics,
and should answer a lot of questions.
sas
--
For IBM-MAIN subscribe / signoff / archive
There is a key for the dataset and it is stored in ICSF.
Nothing magically gets encrypted although some articles and promos seem to
imply if buy a z14 everything will magically be encrypted which is not true.
There is key management to plan. There is the decision on how datasets get
assigned a
> On Sep 11, 2017, at 10:27 AM, Mike Baldwin wrote:
>
> z/OS Data Set Encryption is a fantastic new feature, kudos to IBM, and I don't
> mean to detract from its wonderfulness.
>
> That's a good point, and I understand, if a new disk dataset is encrypted,
> then copying it
Hi Timothy,
On Sat, 9 Sep 2017 17:43:25 +0800, Timothy Sipples wrote:
>"Disk" in this context means any/all storage that manifests itself as 3390
>device types.
>
>For DFSMS backups, including backups to virtual tape and tape, z/OS Data
>Set Encrypted datasets stay encrypted.
Mike Baldwin wrote:
>The FAQ says "residing on disk", so datasets residing on tape (e.g. TS7700
>would not be supported. (Even if accessed using BSAM/QSAM, and of course
>EXCP). Is that correct, and do we expect it's a permanent restriction?
"Disk" in this context means any/all storage that
Hi Timothy,
Thanks for this.
>BSAM, QSAM, and VSAM extended format data sets are all supported.
The FAQ says "residing on disk", so datasets residing on tape (e.g. TS7700)
would not be supported. (Even if accessed using BSAM/QSAM, and of course EXCP).
Is that correct, and do we expect it's a
z/OS Data Set Encryption is a critical new security feature to help you
better protect sensitive data. It's a key ingredient in an overall, stepped
up enterprise privacy and data protection strategy. And, importantly, z/OS
Data Set Encryption does not require any application changes, so you can