Services for key management and encryption tasks
Typically, your site will have one security service dedicated to encrypting and one dedicated to decrypting. Depending on your situation, these services might already exist, but if they do not, create them before you perform the rest of the steps in this section.
When you perform tasks related to managing keys or sending / receiving encrypted / decrypted data, you must supply the name of the service with which the data is associated.
For example, if HRSD is sending a key to TM, you would specify the TM service (SSOPV2) as a parameter in the encryption command. If TM is sending a key to HRSD, you would specify the HRSD service (typically, enwisen).