|
IBM Secure Service Container
IBM Secure Service Container is the trusted execution environment available for IBM Z and IBM LinuxONE servers. History In 2016 IBM introduced the z Appliance Container Infrastructure ("zACI") feature for the IBM z13, z13s, LinuxONE Rockhopper, and LinuxONE Emperor servers, delivered via a driver (firmware) update (driver level 27). IBM originally conceived its trusted execution environment as best suited for software "appliances," such as its own z/VSE Network Appliance, zAware, and GDPS Virtual Appliance offerings. As IBM improved zACI and broadened its applicability, the company quickly changed its name to IBM Secure Service Container (SSC) when the IBM z14 and LinuxONE Emperor II models launched in 2017. Details IBM Secure Service Container consists of a combination of hardware, firmware, and software technologies that are commercially available in recent IBM Z and IBM LinuxONE servers. The hardware and firmware elements are primarily extensions to IBM's PR/SM logical partitioni ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Trusted Execution Environment
A trusted execution environment (TEE) is a secure area of a main processor. It guarantees code and data loaded inside to be protected with respect to confidentiality and integrity. Data integrity prevents unauthorized entities from outside the TEE from altering data, while code integrity prevents code in the TEE from being replaced or modified by unauthorized entities, which may also be the computer owner itself as in certain DRM schemes described in SGX. This is done by implementing unique, immutable, and confidential architectural security such as Intel Software Guard Extensions (Intel SGX) which offers hardware-based memory encryption that isolates specific application code and data in memory. Intel SGX allows user-level code to allocate private regions of memory, called enclaves, which are designed to be protected from processes running at higher privilege levels. A TEE as an isolated execution environment provides security features such as isolated execution, integrity of ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
IBM Z
IBM Z is a family name used by IBM for all of its z/Architecture mainframe computers. In July 2017, with another generation of products, the official family was changed to IBM Z from IBM z Systems; the IBM Z family now includes the newest model, the IBM z16, as well as the z15, the z14, and the z13 (released under the IBM z Systems/IBM System z names), the IBM zEnterprise models (in common use the zEC12 and z196), the IBM System z10 models (in common use the z10 EC), the IBM System z9 models (in common use the z9EC) and ''IBM eServer zSeries'' models (in common use refers only to the z900 and z990 generations of mainframe). Architecture The ''zSeries,'' ''zEnterprise,'' ''System z'' and ''IBM Z'' families were named for their availability – ''z'' stands for zero downtime. The systems are built with spare components capable of hot failovers to ensure continuous operations. The IBM Z family maintains full backward compatibility. In effect, current systems are the direct, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
IBM LinuxONE
Linux on IBM Z or Linux on zSystems is the collective term for the Linux operating system compiled to run on IBM mainframes, especially IBM Z / IBM zSystems and IBM LinuxONE servers. Similar terms which imply the same meaning are ''Linux/390'', ''Linux/390x,'' etc. The three Linux distributions certified for usage on the IBM Z hardware platform are Red Hat Enterprise Linux, SUSE Linux Enterprise Server, and Ubuntu. History Linux on IBM Z originated as two separate efforts to port Linux to IBM's System/390 servers. The first effort, the "Bigfoot" project, developed by Linas Vepstas in late 1998 through early 1999, was an independent distribution and has since been abandoned. IBM published a collection of patches and additions to the Linux 2.2.13 kernel on December 18, 1999, to start today's mainline Linux on IBM Z. Formal product announcements quickly followed in 2000, including the Integrated Facility for Linux (IFL) engines. Think Blue Linux was an early mainframe distribution ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
PR/SM
A logical partition (LPAR) is a subset of a computer's hardware resources, virtualized as a separate computer. In effect, a physical machine can be partitioned into multiple logical partitions, each hosting a separate instance of an operating system. PR/SM Although the terms ''PR/SM'' and ''LPAR'' are often used interchangeably in IBM Z, including in IBM documentation, ''PR/SM'' was not present in the IBM 370/168's Virtual Machine Facility/370; it came in with the IBM 3090, years later. Formally, LPAR designates the mode of operation or an individual logical partition, whereas PR/SM is the commercial designation of the feature. In mainframe computing PR/SM (Processor Resource/System Manager) is a type-1 Hypervisor (a virtual machine monitor) that allows multiple logical partitions to share physical resources such as CPUs, I/O channels and LAN interfaces; when sharing channels, the LPARs can share I/O devices such as direct access storage devices (DASD). PR/SM is integrate ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Logical Partition
A logical partition (LPAR) is a subset of a computer's hardware resources, virtualized as a separate computer. In effect, a physical machine can be partitioned into multiple logical partitions, each hosting a separate instance of an operating system. PR/SM Although the terms ''PR/SM'' and ''LPAR'' are often used interchangeably in IBM Z, including in IBM documentation, ''PR/SM'' was not present in the IBM 370/168's Virtual Machine Facility/370; it came in with the IBM 3090, years later. Formally, LPAR designates the mode of operation or an individual logical partition, whereas PR/SM is the commercial designation of the feature. In mainframe computing PR/SM (Processor Resource/System Manager) is a type-1 Hypervisor (a virtual machine monitor) that allows multiple logical partitions to share physical resources such as CPUs, I/O channels and LAN interfaces; when sharing channels, the LPARs can share I/O devices such as direct access storage devices (DASD). PR/SM is integrate ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Virtual Machine
In computing, a virtual machine (VM) is the virtualization/emulation of a computer system. Virtual machines are based on computer architectures and provide functionality of a physical computer. Their implementations may involve specialized hardware, software, or a combination. Virtual machines differ and are organized by their function, shown here: * '' System virtual machines'' (also termed full virtualization VMs) provide a substitute for a real machine. They provide functionality needed to execute entire operating systems. A hypervisor uses native execution to share and manage hardware, allowing for multiple environments which are isolated from one another, yet exist on the same physical machine. Modern hypervisors use hardware-assisted virtualization, virtualization-specific hardware, primarily from the host CPUs. * Process virtual machines are designed to execute computer programs in a platform-independent environment. Some virtual machine emulators, such as QEMU and video ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cryptocurrency
A cryptocurrency, crypto-currency, or crypto is a digital currency designed to work as a medium of exchange through a computer network that is not reliant on any central authority, such as a government or bank, to uphold or maintain it. It is a decentralized system for verifying that the parties to a transaction have the money they claim to have, eliminating the need for traditional intermediaries, such as banks, when funds are being transferred between two entities. Individual coin ownership records are stored in a digital ledger, which is a computerized database using strong cryptography to secure transaction records, control the creation of additional coins, and verify the transfer of coin ownership. Despite their name, cryptocurrencies are not considered to be currencies in the traditional sense, and while varying treatments have been applied to them, including classification as commodities, securities, and currencies, cryptocurrencies are generally viewed as a distinc ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
FIPS 140-2
The Federal Information Processing Standard Publication 140-2, (FIPS PUB 140-2), is a U.S. government computer security standard used to approve cryptographic modules. The title is ''Security Requirements for Cryptographic Modules''. Initial publication was on May 25, 2001, and was last updated December 3, 2002. Its successor, FIPS 140-3, was approved on March 22, 2019, and became effective on September 22, 2019. FIPS 140-3 testing began on September 22, 2020, although no FIPS 140-3 validation certificates have been issued yet. FIPS 140-2 testing was still available until September 21, 2021 (later changed for applications already in progress to April 1, 2022), creating an overlapping transition period of more than one year. FIPS 140-2 test reports that remain in the CMVP queue will still be granted validations after that date, but all FIPS 140-2 validations will be moved to the Historical List on September 21, 2026 regardless of their actual final validation date. Purpose The ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Hardware Security Module
A hardware security module (HSM) is a physical computing device that safeguards and manages secrets (most importantly digital keys), performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips. Design HSMs may have features that provide tamper evidence such as visible signs of tampering or logging and alerting, or tamper resistance which makes tampering difficult without making the HSM inoperable, or tamper responsiveness such as deleting keys upon tamper detection. Each module contains one or more secure cryptoprocessor chips to prevent tampering and bus probing, or a combination of chips in a module that is protected by the tamper evident, tamper resistant, or tamper responsive packaging. A vast ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
IBM Mainframe
IBM mainframes are large computer systems produced by IBM since 1952. During the 1960s and 1970s, IBM dominated the large computer market. Current mainframe computers in IBM's line of business computers are developments of the basic design of the IBM System/360. First and second generation From 1952 into the late 1960s, IBM manufactured and marketed several large computer models, known as the IBM 700/7000 series. The first-generation 700s were based on vacuum tubes, while the later, second-generation 7000s used transistors. These machines established IBM's dominance in electronic data processing ("EDP"). IBM had two model categories: one (701, 704, 709, 7030, 7090, 7094, 7040, 7044) for engineering and scientific use, and one (702, 705, 705-II, 705-III, 7080, 7070, 7072, 7074, 7010) for commercial or data processing use. The two categories, scientific and commercial, generally used common peripherals but had completely different instruction sets, and there were incompatibiliti ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Linux On IBM Z
Linux on IBM Z or Linux on zSystems is the collective term for the Linux operating system compiled to run on IBM mainframes, especially IBM Z / IBM zSystems and IBM LinuxONE servers. Similar terms which imply the same meaning are ''Linux/390'', ''Linux/390x,'' etc. The three Linux distributions certified for usage on the IBM Z hardware platform are Red Hat Enterprise Linux, SUSE Linux Enterprise Server, and Ubuntu. History Linux on IBM Z originated as two separate efforts to port Linux to IBM's System/390 servers. The first effort, the "Bigfoot" project, developed by Linas Vepstas in late 1998 through early 1999, was an independent distribution and has since been abandoned. IBM published a collection of patches and additions to the Linux 2.2.13 kernel on December 18, 1999, to start today's mainline Linux on IBM Z. Formal product announcements quickly followed in 2000, including the Integrated Facility for Linux (IFL) engines. Think Blue Linux was an early mainframe distribution ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
.svg "Click for more on -> Virtual Machine")
