Forcing use of hardware crypto cards for encryption

Document ID : KB000015632
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

CA Datacom/DB and CA Datacom/AD provide encryption of data in tables that are configured for it. This encryption is done at a basic level, using z10 (or later) hardware, and this functionality provides for a single encryption key that is used for an entire database catalog (CXX).

Question:

Can CA Datacom be configured to force all encryption processing to use the cryptographic cards and not the General Processor, so that this overhead is not included in licensing and usage calculations?

Answer:

CA Datacom performs encryption using the hardware on which the programs are run. No special actions are required, and how the hardware chooses to perform the encryption or decryption processing is not known to our programs.

Therefore, we have no direct control over the processing or where it is performed.

Additional Information:

For more information about the use of encryption for CA Datacom/DB tables, please refer to the following:

For version 15.1, please see the CA DocOps webpage "Administrating > CA Datacom/DB Database and System Administration > Data Encryption"

For version 15.0, please see the CA DocOps webpage "Administrating > CA Datacom/DB Database and System Administration > Data Encryption"

For version 14.0, please see the CA Datacom/DB Database and System Administration Guide, in the section, "Introduction Data Encryption"

As always, please contact CA Technologies support for CA Datacom if you have further questions.