Data hyper-protection ensures the privacy of data from its creation and presence on the enterprise mainframe to its final destination on applications and …
Join the DZone community and get the full member experience. Critical system-of-record data must be compartmentalized and accessed by the right people and applications, at the right time. Since the turn of the millennium, the art of cryptography has continuously evolved to meet the data security and privacy needs of doing business at Internet speed, by taking advantage of the ready processing horsepower of mainframe platforms for data encryption and decryption workloads. Having enterprise data processing, encryption and business logic colocated on the same mainframe offered an ideal way to reduce the latency of additional network hops for data, but there still remained a need to protect that data as it moved to and from the mainframe, as well as when it was at rest. For the purposes of maintaining the privacy of high-speed transactional data, early encryption wouldn’t have worked very well as a separate networked ‘gateway’ or system, which would add an unacceptable amount of latency to massive transaction volumes. To resolve such lags, IBM kept it local by putting a cryptographic processor right next to the primary processor in their early generation Z series platforms. These evolved into the next generation of CryptoExpress cards, which offered quite a jump in onboard performance, especially as processor speeds improved and costs came down. Since the encryption activity happened right on the hardware, these cards were virtually impossible to disrupt through typical software hacking means.
