IBM z14 / Dataset Encryption

Presentation transcript:

IBM z14 / Dataset Encryption Arnaud MANTE IBM z/OS IT Specialist

Multiple layers of encryption (figure: layers ordered from most complexity & security control at the top to broadest coverage at the bottom)
- App Encryption: hyper-sensitive data
- Database Encryption: provides protection for very sensitive in-use (DB level), in-flight & at-rest data
- File or Dataset Level Encryption: provides broad coverage for sensitive data using encryption tied to access control, for in-flight & at-rest data protection
- Full Disk and Tape Encryption: provides 100% coverage for at-rest data with zero host CPU cost

Data Protection // z/OS Dataset Encryption: protection of data at-rest (figure: z/OS with DB2, IMS, zFS, etc. encrypting via CPACF, data flowing over the SAN network to the storage system; LinuxONE/Linux on z alongside)
z/OS Dataset Encryption:
- Application transparent & enabled by policy
- Encryption tied to fine grained access control
- Host encryption via CPACF as data is written to or read from disk
- Supports extended format sequential & VSAM
- Includes HSM & DSS migration/backup of encrypted data sets
- Replicated data remains encrypted
- Supports: CICS, DB2, IMS, Logger, & zFS
- In-memory system or application data buffers will not be encrypted
Client Value Proposition: reduced cost of encryption along with simple policy controls allows clients to enable extensive encryption to protect data in mission critical databases including DB2, IMS and VSAM.
Text from IBM z/OS Version 2 Release 2 enhancements and statements of direction (IBM United States Software Announcement 216-392, dated October 4, 2016): IBM plans to deliver application transparent, policy-controlled dataset encryption in IBM z/OS. IBM DB2 for z/OS and IBM Information Management System (IMS) intend to exploit z/OS dataset encryption.
As indicated above, IBM plans to support z/OS data set encryption for DB2, IMS and CICS (e.g. CICS VSAM) data, as well as sequential data (BSAM, QSAM) for batch workloads (see page 30 & 31 for more details). Data sets must be extended format BSAM, QSAM or VSAM.

Data Protection // Coupling Facility Encryption (z/OS 2.3): protection of data in-flight and in-use (CF) (figure: z/OS Parallel Sysplex cluster, XES in each z/OS image encrypting via CPACF before data leaves for the CF)
End-to-End encryption of CF Data:
- Host protected-key CPACF encryption (high performance / low latency)
- Data encrypted in the host and remains encrypted until decrypted by the host
- No application enablement required
- List & Cache structures only – no Lock structures!
Client Value Proposition: simplify and reduce the cost of compliance by removing the CF and CF data from compliance scope (i.e. ability to encrypt all CF data).

Data Protection // z/OS Network Security: protection of data in-flight (figure: App A and App B on z/OS exchanging traffic through the Communications Server over the network; LinuxONE/Linux on z alongside)
Communications Server z Encryption Readiness Technology (zERT):
- A z/OS administrator can determine when network traffic meets specified policy with new discovery and reporting capabilities
- Currently there is no single method to easily determine which application traffic patterns are protected
Client Value Proposition: not all organizations use host-based network encryption today. Reduced cost of encryption enables broad use of network encryption, and enhanced audit simplifies compliance.

Data Protection // Existing Disk Encryption: protection of data at-rest (figure: several z/OS and LinuxONE/Linux on z systems connected over the SAN to the storage system)
DS8000 Disk Encryption:
- Encrypting disk drives protect data at rest when disk drives are retired, sent for repair or repurposed
- Once the key has been served to the storage system, any system connecting to the storage system can retrieve unencrypted data

Data Protection // Linux on z File Encryption (submitted upstream): protection of data at-rest (figure: DB server on Linux on z using block device encryption via CPACF, SAN to the storage system)
Linux on z and LinuxONE focus on transparent enablement:
- Transparent data encryption optimized with z14 CPACF hardware performance gains
- Leverages industry-unique CPACF encryption which prevents raw key material from being visible to the OS and applications
Client Value Proposition: integration of hardware accelerated crypto into standard components for wide reach into solutions.
Status: dm-crypt enhancements for CPACF protected-key submitted upstream.

Data Protection // Linux on z Network Security (submitted upstream): protection of data in-flight (figure: OpenSSL, Java or GSKIT application on Linux on z encrypting via CPACF over the network)
Linux on z and LinuxONE focus on transparent enablement:
- Transparently accelerate TLS & IPSec using CPACF & SIMD to leverage hardware performance gains
Client Value Proposition: not all organizations use host-based network encryption today… reduced cost of encryption enables broad use of network encryption.
Status: dm-crypt enhancements for CPACF protected-key submitted upstream.

- Hardware / HMC
- z/OS parmlib
- ICSF part
- RACF part
- DFSMS configuration
- Demo and test
- Which keys? How? When? Where?
- Master key management and backups

How to encrypt an existing dataset?

Be careful in case of restore or move!!!

How to create an encrypted dataset? In order of preference:
- Using RACF
- Through JCL with the new label parameter: DSKEYLBL
- Using the SMS / ACS routines
All datasets must be extended format and SMS managed!
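An added example of the JCL route, not a slide from this deck: a job that allocates a new extended-format, SMS-managed sequential data set and binds it to a key label with the DSKEYLBL DD parameter. The data set name MANTE.TEST.CRYPT and the storage class SCSMS are assumed placeholders; LABEL.FOR.CRYPTO is the key label used in the RACF commands later in the deck.

```jcl
//CRYPTALC JOB (ACCT),'ALLOC ENCRYPTED DS',CLASS=A,MSGCLASS=X,
//         NOTIFY=&SYSUID
//* Added example, not from the original deck.
//* Allocate an extended-format (DSNTYPE=EXTREQ), SMS-managed
//* sequential data set whose contents are encrypted under the
//* key label LABEL.FOR.CRYPTO. DSN and STORCLAS are placeholders;
//* the submitter must hold READ on the CSFKEYS profile for the label,
//* and the data set must end up SMS-managed or the allocation fails.
//ALLOC    EXEC PGM=IEFBR14
//NEWDS    DD DSN=MANTE.TEST.CRYPT,
//            DISP=(NEW,CATLG),
//            DSNTYPE=EXTREQ,
//            STORCLAS=SCSMS,
//            DSKEYLBL='LABEL.FOR.CRYPTO',
//            SPACE=(CYL,(5,1)),
//            RECFM=FB,LRECL=80
```

If the data set's RACF profile already carries a DATAKEY in its DFP segment, that label takes precedence over DSKEYLBL, which in turn takes precedence over the data class, matching the order of preference listed above.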

HMC – hardware part: assign the crypto card to your LPAR.

Crypto card is now assigned to your LPAR.

PARMLIB configuration
PARMLIB member CSFPRMxx:
  CKDSN(SYSP.CSFCKDS)
  PKDSN(SYSP.CSFPKDS)
  DOMAIN(4)          Link to the physical crypto card.
PARMLIB member IGDSMSxx:
  ACSDEFAULTS = ON
PARMLIB member CTICSFxx:
  TRACEOPTS ON BUFSIZE(2M) OPTIONS('ALL')

ICSF
- Definition of the datasets: CKDS & PKDS
- Creation of the master key
- Creation of the key-label
- Load the key
- Check your ICSF status

CKDS & PKDS datasets: create your two datasets
//DEFINE   EXEC PGM=IDCAMS,REGION=4M
//SYSPRINT DD SYSOUT=*
//SYSIN    DD *
  DEFINE CLUSTER (NAME(SYSD.CSF.CSFCKDS) -
         VOLUMES(BA0C01) -
         RECORDS(100 50) -
         RECORDSIZE(372,2048) -
         KEYS(72 0) -
         FREESPACE(10,10) -
         SHAREOPTIONS(2 3)) -
    DATA (NAME(SYSD.CSF.CSFCKDS.DATA) -
         BUFFERSPACE(100000) -
         ERASE -
         WRITECHECK) -
    INDEX (NAME(SYSD.CSF.CSFCKDS.INDEX))
  ...

Master Key management: start ICSF
CSFM100E CRYPTOGRAPHIC KEY DATA SET, SYSP.CSFCKDS IS NOT INITIALIZED.
CSFM101E PKA KEY DATA SET, SYSP.CSFPKDS IS NOT INITIALIZED.

ICSF: Master Key initialization

Master Key management: stop and start ICSF
CSFM129I MASTER KEY DES ON CRYPTO EXPRESS5 COPROCESSOR 5C00, SERIAL NUMBER DV4CX413, IS CORRECT

Key Label. KGUP: Key Generator Utility Processes is your friend!!

Create the Key Label:

Submit the Key Label:
//ICSF     JOB CLASS=A,REGION=4M,
//         MSGLEVEL=(1,1),MSGCLASS=X,NOTIFY=&SYSUID
//*
//KGUP     EXEC PGM=CSFKGUP,PARM=('SSM')
//CSFCKDS  DD DSN=SYSP.CSFCKDS,
//         DISP=OLD
...

Refresh the Key Label. Log output / JCL output:
... CSFM653I CKDS LOADED 2 RECORDS WITH AVERAGE SIZE 248

Double check! Don't go further if you don't see your key label when you do a "view" on your CSFCKDS dataset, or use another utility such as print!!!

SMS – ACS routines
- Update the ACS routines
- Create a specific dataclass for crypto

SMS – ACS routines
PROC DATACLAS
  FILTLIST VSAMBIG INCLUDE (OMVSSMPE.**, ... 'SOFT.SMPE.ORDER')
  FILTLIST RRS     INCLUDE (IXGLOGR*.**,HZS.**,SMPENTS.**)
  FILTLIST CRYPTO  INCLUDE (MPLBANK.**)
  SELECT
    WHEN (&DSN=&CRYPTO) SET &DATACLAS='DSCRYPTO'
    WHEN (&DSN=&RRS)    SET &DATACLAS='RRSDC'
    OTHERWISE           SET &DATACLAS=''
  END

SMS – ACS routines

RACF
ALTDSD 'MANTE.TEST.*' UACC(NONE) DFP(RESOWNER(MANTE) DATAKEY(LABEL.FOR.CRYPTO))
RDEFINE CSFKEYS LABEL.FOR.CRYPTO UACC(NONE)
PERMIT LABEL.FOR.CRYPTO CLASS(CSFKEYS) ID(CRYPTRD) ACCESS(READ)
PERMIT LABEL.FOR.CRYPTO CLASS(CSFKEYS) ID(CRYPTWR) ACCESS(ALTER)
RALTER CSFKEYS LABEL.FOR.CRYPTO ICSF(SYMCPACFWRAP(YES) SYMCPACFRET(YES))

RACF (LISTDSD output for the profile)
INFORMATION FOR DATASET MANTE.TEST.* (G)

LEVEL  OWNER     UNIVERSAL ACCESS   WARNING   ERASE
-----  --------  ----------------   -------   -----
 00    SYS1      NONE               NO        NO

AUDITING
--------
FAILURES(READ)

NOTIFY
--------
NO USER TO BE NOTIFIED

YOUR ACCESS   CREATION GROUP   DATASET TYPE
-----------   --------------   ------------
ALTER         SYS1             NON-VSAM

NO INSTALLATION DATA

DFP INFORMATION
---------------
RESOWNER= MANTE
DATAKEY= LABEL.FOR.CRYPTO

How to know if a dataset is encrypted or not? In front of the dataset, enter the command: LISTC EN(/) ALL
(three screenshots of the output: not encrypted; encrypted with SMS rules; encrypted with a RACF or JCL key-label)

Encryption process overview:
1. Generate an encryption key and key label, store it in the CKDS. Allow the secure key to be used as a protected key via the ICSF segment: SYMCPACFWRAP, SYMCPACFRET.
2. Set up for use of the key label in RACF: grant access to the key label.
3. Associate the key label with the desired data set(s): in RACF, alter the DFP segment in the data set profile (DATAKEY()); in DFSMS, assign it to a data class.
4. Migrate to encrypted data:
   - DB2: online reorg, non-disruptive
   - IMS HA Database: online reorg, non-disruptive
   - zFS container: zfsadmin encrypt, non-disruptive
   - VSAM or sequential data set: stop the application, copy the data, restart the application

Demo time!

Sample (TSO users, NOT ENCRYPTED vs ENCRYPTED data set):
- MANTE: ALTER access for the key-label, ALTER RACF access for the dataset: READ, WRITE, DELETE
- TSOMANT: READ access for the key-label: READ, DELETE
- STGADMN: NONE access for the key-label: NOT READ but DELETE

Ready to understand how the "keys" mechanism works?

Master key management and backups
- Master Key backup alone: useless!!
- CKDS backup alone: useless!!
- Master Key + CKDS: essential!

Why pervasive encryption?
- Do I trust my "outsourcer"?
- Who can really access/read my disks and data?

Thank you Arnaud MANTE IT Specialist, IBM Z