Maximizing Security with LinuxONE

An IBM Redpaper publication

Note: A new draft version of this publication is now available

Published 16 October 2019

cover image

ISBN-10: 0738458139
ISBN-13: 9780738458137
IBM Form #: REDP-5535-00
(66 pages)

More options

Rate and comment

Authors: Lydia Parziale, Yongkook Kim, Rushir Patel, Narjisse Zaki


LinuxONE is a hardware system designed to support and exploit the Linux operating system based on the value of its unique underlying architecture. LinuxONE can be used within a private and multi-cloud environment to support a range of workloads and service a variety of needs.
On LinuxONE, security is built into both the hardware and software.
This IBM® Redpaper publication gives a broad understanding of how to leverage the various security features that exploit and complement the LinuxONE hardware security features, such as these:

  • Hardware accelerated encryption of data, delivered with near-zero overhead by the on-chip Central Processor Assist for Cryptographic Function (CPACF) and a dedicated Crypto Express adapter.

  • Virtualization and industry leading isolation capabilities with PR/SM, EAL 5+ LPARs, DPM, KVM, and IBM z/VM®.

  • The IBM Secure Service Container technology, which provides workload isolation, restricted administrator access, and tamper protection against internal threats, including from systems administrators.

  • Other technologies that exploit LinuxONE security capabilities and deeper dives into practical use cases for these technologies.

This IBM Redpaper publication was written for IT executives, architects, specialists, security administrators, and others who consider security when using LinuxONE.

Table of contents

Chapter 1. Introduction
Chapter 2. Core Security Technologies on LinuxONE
Chapter 3. Exploiters of Security on LinuxONE
Chapter 4. Use cases
Chapter 5. IBM Blockchain Platform with IBM LinuxONE
Appendix A. Summary and Reference Guide

Follow IBM Redbooks

Follow IBM Redbooks