Print Email

A Valuable System

Blockchain on IBM z Systems and LinuxONE provide security, performance and a business advantage

6/7/2017 12:00:24 AM | Since it exploded on the scene with Bitcoin—an electronic blockchain-based currency not associated with any government—blockchain has primarily been an x86-based Linux technology. In its earliest days, blockchain presented challenges that left it unprepared for the enterprise, despite how attractive it might be conceptually.

For example, blockchain lacked rigorous security because replication alone passed as security; developers originally assumed that any alterations in the blockchain would become obvious through several replications. But it took the hacking of one allegedly “secure” blockchain to come to the realization that there needed to be a way to protect blockchain from malware and privileged users, such as system administrators.

Open Hyperledger

A number of organizations, including IBM, saw the value in blockchain and created proprietary versions that attempted to overcome the shortcomings encountered by Bitcoin. The real value in blockchain, however, was in its ability to scale. Rolling out blockchain to all of your supply chain or trading partners along with whoever else you want to engage in a secure relationship with is incredibly useful. By contrast, when you only have a few partners to work with you don’t need blockchain at all; you could just piece together your current process interspersed with selective automation for key labor-intensive steps.

In March IBM announced the release of IBM Blockchain, the first enterprise-ready blockchain service based on the Linux Foundation's Hyperledger Fabric V1.0. The service enables developers to quickly build and host security-rich production blockchain networks on the IBM Cloud. It’s underpinned by IBM LinuxONE.

IBM contributed 44,000 lines of largely security related code to the Hyperledger Fabric V1.0. The Hyperledger consortium's Technical Steering Committee recently promoted Fabric from incubator to active state, which means it’s ready for prime time. Hyperledger’s designed to provide building enterprise-grade blockchain networks with a framework that can quickly scale as new network members join. The Hyperledger also boasts of transact at rates of more than 1,000 transactions per second, making it ready for enterprise use. IBM Global Finance has been using a blockchain that’s handled 450 million transactions since it began in 2016, reports Donna Dillenberger, IBM Fellow, IBM Enterprise Solutions.

z System Blockchain Appeal

Some might think that blockchain is an inherently safe technology, Dillenberger notes, but blockchain networks are only as safe as the infrastructures on which they reside. IBM states its High Security Business Network offers the world’s most secure Linux infrastructure that integrates security from the hardware up through the software stack and has specifically been optimized for enterprise blockchains.

Blockchain itself is a Linux phenomenon. That’s one reason Dillenberger is so enthusiastic about running blockchain on IBM’s LinuxONE. If you have a z13 running Linux, that will work too.  “IBM makes Linux run well on z Systems boxes, same acceleration tweaks and optimization,” she says. 

IBM z, z13 and LinuxONE all shine when it comes to security, which is one of the primary reasons for running the blockchain protocol at all. The z Systems platform delivers protection from insider attacks, helps safeguard entry points on the network and counters insider threats—even threats from anyone with system administrator credentials, a popular attack vector for hackers.

IBM z also comes with the industry’s highest certified level of isolation for a commercial system: Evaluation Assurance Level 5 certification. This is critical in highly regulated industries such as government, financial services and healthcare. Security like this becomes necessary whenever many parties are on the blockchain.

Another reason to use blockchain on z Systems is to get IBM’s various accelerators for encryption and security. In fact, Dillenberger notes, blockchain transactions on IBM z run twice as fast as an x86 due to the various accelerators. “You definitely want the hardware accelerators,” she adds.

Secure Service Containers

Download IBM’s Docker Hyperledger image for blockchain to enable encryption, access control and digital signature. The Secure Service Container runs in a special LPAR and offers protection from malware and system admins while providing tamper-resistant crypto cards. This is yet another reason to run blockchain on z Systems.

IBM’s Secure Service Containers essentially protect code throughout the blockchain application, effectively encapsulating the blockchain into a virtual appliance and denying access even to privileged users. They also employ tamper-responsive hardware security modules to protect encrypted data for storage of cryptographic keys. These modules are certified to FIPS 140-2 Level 4—the highest level of security certification available for cryptographic modules. This results in a highly auditable operating environment where comprehensive log data supports forensics, audit and compliance.

At the same time IBM announced Blockchain, it also announced the first commercially available blockchain governance and open-source developer tools, which automate the steps it takes to build with the Hyperledger Fabric and promise to shorten development time from weeks to days. The governance tools, on the other hand, make it easy to set up a blockchain network and assign roles and levels of visibility from a single dashboard. They also help network members set rules, manage membership and enforce network compliance once the network is up and running.

Blockchain Adoption

IBM has encouraged blockchain use to its customers, citing over 25 publicly named blockchain projects. These projects address everything from carbon asset management, to consumer digital ID, post trade derivatives processing, last mile shipping, supply chain food safety, provenance, securities lending and more. Additionally, new companies and projects are being added to IBM’s list nearly every week.

The benefits of these projects, as reported by IBM, include reduced cash cycle times, improved efficiency via lower overhead costs, fewer cost intermediaries and increased transaction visibility, which reduces the threat of tampering, fraud and cyber-crime.

If you have a z Systems platform and want blockchain, download IBM’s Docker Hyperledger image. You’ll enjoy a competitive advantage and extensive business gains from the start.

Alan Radding may be reached at
alan@radding.net.

Please sign in to comment.

Sign In




Join Now!
The Mainframe Magna Carta

The Mainframe Magna Carta

While the Mainframe Charter promises ongoing system innovation, value and community, Statements of Integrity provide real-world assurance that critical z/OS and z/VM exposures are promptly remedied.

Read more »

The Much-Maligned Mainframe

The Much-Maligned Mainframe

In moving away from the mainframe, many companies create a monster: a tangled mess of technologies and best-of-breed packages that don’t work together and threaten to overwhelm the organization with its cost and complexity.

Read more »