NVMe Device Locking Policy services

News

Abstract

All NVMe devices supported by IBM® i are Self-Encrypting Drives (SED). This means the data is encrypted at rest. However, the key used to encrypt and decrypt the data is not protected. By creating a password policy and adding NVMe devices to it, the devices can protect the confidentiality of stored user data against unauthorized access once the device leaves the owner’s control. This feature uses the Trusted Computer Group (TCG) Opal Security Subsystem Class (SSC) specification for storage. Each NVMe device that supports the Opal SSC is registered in a list of devices on which the administrator can establish a locking policy. Once the device is added to the locking policy the NVMe device will lock itself when Main Power loss or PCIe cold resets occur.

Content

You are in: IBM i Technology Updates > Db2 for i - Technology Updates > IBM i Services (SQL) > NVMe Device Locking Policy services

For complete detail, visit these IBM Documentation pages:

ADD_DEVICE_LOCKING_POLICY procedure

CHANGE_DEVICE_LOCKING_POLICY procedure

CREATE_LOCKING_POLICY procedure

DELETE_LOCKING_POLICY procedure

FACTORY_RESET_DEVICE procedure

LOCKING_POLICY_INFO view

REMOVE_DEVICE_LOCKING_POLICY procedure

UNLOCK_DEVICE procedure

[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"ARM Category":[{"code":"a8m0z0000000C4BAAU","label":"IBM i"}],"ARM Case Number":"","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"7.4.0;and future releases"}]

Tips

NVMe Device Locking Policy services

News

Abstract

Content

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?