ICSF is a software product that works with the hardware cryptographic feature and the OS/390 Security Server (RACF), or an equivalent product, to provide secure, high-speed cryptographic services in the OS/390 environment. ICSF provides the application programming interfaces by which applications request the cryptographic services. The cryptographic feature is secure, high-speed hardware that performs the actual cryptographic functions.
ICSF enhances OS/390 security as follows:
• It ensures data privacy by encrypting and decrypting the data.
• It manages personal identification numbers (PINs).
• It ensures the integrity of data through the use of modification detection codes (MDCs) and hash functions.
• It ensures the privacy of cryptographic keys themselves by encrypting them under a master key or another key-encrypting key.
• It enforces DES key separation, which ensures that cryptographic keys are used only for their intended purposes.
• It enhances system availability by providing continuous operation.
• It enables the use of Rivest-Shamir-Adelman (RSA) public and private keys on a multi-user, multi-application platform.