LinuxONE® is a hardware system that is designed to support and use the Linux operating

system based on the value of its unique underlying architecture. LinuxONE can be used

within a private and multi-cloud environment to support a range of workloads and service

various needs.

On LinuxONE, security is built into the hardware and software.

This IBM® Redpaper® publication gives a broad understanding of how to use the various

security features that make the most of and complement the LinuxONE hardware security

features, including the following examples:

Hardware accelerated encryption of data, which is delivered with near-zero overhead by

the on-chip Central Processor Assist for Cryptographic Function (CPACF) and a dedicated

Crypto Express adapter.

Virtualization and industry-leading isolation capabilities with PR/SM, EAL 5+ LPARs,

DPM, KVM, and IBM z/VM®.

The IBM Secure Service Container technology, which provides workload isolation,

restricted administrator access, and tamper protection against internal threats, including

from systems administrators.

Other technologies that use LinuxONE security capabilities and practical use cases for

these technologies.

This publication was written for IT executives, architects, specialists, security administrators,

and others who consider security for LinuxONE.

Chapter 1. Introduction

Chapter 2. Core security technologies on LinuxONE

Chapter 3. Users of security on LinuxONE

Chapter 4. Quantum-safe computing

Chapter 5. IBM Support for Hyperledger Fabric with IBM LinuxONE

Chapter 6. Use cases

Chapter 7. Confidential AI

Appendix A. Reference guide