You can’t buy system integrity, you are born with it.
Why does System z persist as such a phenomenal data serving platform? The platform’s classic strengths of availability, scalability, reliability, application development/integration and security all come to mind. But at the root of these classic capabilities—a foundational element of the platform—is the system’s high level of system integrity.
Originally issued in 1973 with the IBM MVS™ operating system, IBM System Integrity statement has stood for over three decades as a symbol of IBM’s confidence in and commitment to the mainframe platform.
System Integrity is IBM’s commitment, designs, and development practices intended to prevent unauthorized application programs, subsystems and users from bypassing system security–that is, to prevent them from gaining access, circumventing, disabling, altering or obtaining control of key system processes and resources unless allowed by the installation.
It is a a powerful concept that IBM has continued to uphold and deliver on for almost 40 years.
A closer look at System Integrity
A System z System Integrity vulnerability is defined as the ability of any program not authorized by a mechanism under the installation’s control to circumvent or disable store or fetch protection, access a resource protected by a Security Server/Manager, or obtain control in an authorized state; that is, in supervisor state, with a protection key less than eight (8), or Authorized Program Facility (APF) authorized. In the event that an IBM System Integrity problem is reported, IBM will always take action to investigate, and if validated take appropriate action to resolve it. These actions may include development of fixes, identification of applicable workarounds, recommending migration to a later release, etc.
Security vulnerabilities on the other hand are defined as a set of conditions in the design, implementation, operation or management of a product or service that is unable to prevent an attack by a party resulting in exploitations such as controlling or disrupting operation, compromising (i.e. deleting, altering or extracting) data, or assuming ungranted trust or identity. Examples might range from TCP/IP or Java architectural concerns to things like Denial of Service (DoS) attacks, heuristic or algorithm errors, etc.
System z has made available a Security Portal that allows clients to learn about the latest security and system integrity fixes available which can help enable clients to keep their enterprise up to date. IBM utilizes several internal and external sources as input to the security and system integrity process to assist IBM as it investigates and works on vulnerabilities that might potentially affect System z.
Please see the individual platform pages for more information and details on the process.
The value of IBM zEnterprise for Deploying Heterogeneous Private Clouds
IBM Security zSecure Products at Allied Irish Bank