Abstract: A method, a data processing system, and a computer program product for managing cryptographic information. A determination is made as to whether a first time stamp of when cryptographic information was created is more recent than a second time stamp of a backup of the cryptographic information in response to receiving a request for the cryptographic information from a requester. The cryptographic information is used to encrypt data. The cryptographic information is prevented from being provided to the requester in response to a determination that the first time stamp of cryptographic information creation is more recent than the second time stamp of the backup of the cryptographic information.

Abstract: A method, system or computer usable program product for managing keys in a computer memory including receiving a request to store a first key to a first key repository, storing the first key to a second key repository in response to the request, and storing the first key from the second key repository to the first key repository within said computer memory based on a predetermined periodicity.

Abstract: Use of cryptographic key-store hardware security modules is optimized in a system having a first scarce high-security key storage device and a second more plentiful low-security key storage device comprising securing a cryptographic key to the higher security level by initially storing the key in the first storage device, then responsive to an event, evaluating the stored key against one or more rules, and subsequent to the evaluation, reclassifying the stored key for relocation, encrypting the reclassified key using a key-encryption key; relocating the reclassified key into the second, lower-security storage device, and storing the key-encryption key in the first storage device.

Abstract: Use of cryptographic key-store hardware security modules is optimized in a system having a first scarce high-security key storage device and a second more plentiful low-security key storage device comprising securing a cryptographic key to the higher security level by initially storing the key in the first storage device, then responsive to an event, evaluating the stored key against one or more rules, and subsequent to the evaluation, reclassifying the stored key for relocation, encrypting the reclassified key using a key-encryption key; relocating the reclassified key into the second, lower-security storage device, and storing the key-encryption key in the first storage device.

Abstract: A method, a data processing system, and a computer program product for managing cryptographic information. A determination is made as to whether a first time stamp of when cryptographic information was created is more recent than a second time stamp of a backup of the cryptographic information in response to receiving a request for the cryptographic information from a requester. The cryptographic information is used to encrypt data. The cryptographic information is prevented from being provided to the requester in response to a determination that the first time stamp of cryptographic information creation is more recent than the second time stamp of the backup of the cryptographic information.

Abstract: A method for automated validation and execution of cryptographic key and certificate deployment and distribution includes providing one or more keys; providing one or more key deployment points; and distributing the one or more keys to the one or more key deployment points in an automated manner based on a matrix or pattern mapping of each of the one or more keys to be distributed to each of the one or more key deployment points.