Hyper Protect Crypto Services cloud TKE procedures

The purpose of this document is to provide a template with procedures for the secure initialization and management of IBM Cloud® Hyper Protect Crypto Services Enterprise PKCS#11 Hardware Security Modules using Cloud Trusted Key Entry (TKE) key part files or smart cards. The document is intended as a template to be tailored to fit the requirements of your organization.

The management of Hyper Protect Crypto Services can be subject to internal or external audits. For example, by using smart cards to initialize your service instance, the setup and procedures for initialization and management of Hyper Protect Crypto Services need to be documented, and evidence needs to be collected during execution of the procedures. Several decisions need to be taken by your Hyper Protect Crypto Services management team to establish a secure setup and make it operational for a production environment. You need to make most of these decisions beforehand and incorporate into this document.

View and download the procedures by clicking the following links:

• Key ceremony through cloud TKE CLI and key part files
• Key ceremony through cloud TKE and smart cards