6947ch05.fm

Draft Document for Review April 7, 2004 6:15 pm

The Web site will direct the customer's request to an IBM Global Services (IGS) location appropriate for the customer'sgeographic location. A special contract will be negotiated between IGS and the customer, covering development of the UDX by IGS per the customer's specifications, as well as an agreed-upon level of the UDX.

Under a special contract with IBM, PCIX Cryptographic Coprocessor customers will gain the flexibility to define and load custom cryptographic functions themselves. This service offering can be requested via the IBM Cryptocards Web site by selecting the Custom Programming option.

5.2 z990 Cryptographic processors

Three types of cryptographic hardware features are available on z990. The cryptographic features are usable only when explicitly enabled through IBM.

￿CP Assist for Cryptographic Function (CPACF)

The CP Assist for Cryptographic Function feature provides hardware acceleration for DES, TDES, MAC, and SHA-1 cryptographic services. Cryptographic keys must be protected by The application system.

￿PCIX Cryptographic Coprocessor (PCIXCC)

The PCIX Cryptographic Coprocessor provides a replacement for both the PCICC and the CMOS Cryptographic Coprocessor Facility (CCF). The PCIXCC on z990 provides equivalent PCICC functions at higher performance. It also includes functions that were implemented in the CCF. The PCIXCC supports highly secure cryptographic functions, use of secure encrypted key values and user-defined extensions.

￿PCI Cryptographic Accelerator (PCICA)

Secure Web transactions frequently employ the secure Socket Layer (SSL) protocol. The IBM e-business PCI Cryptographic Accelerator offloads your server from compute-intensive public-key cryptographic operations employed in the protocol. This cost-effective solution often enables significantly greater server throughput

5.2.1CP Assist for Cryptographic Function (CPACF)

Each CP has an assist processor on the chip in support of cryptography. The CP Assist for Cryptographic Function (CPACF) provides high performance hardware encryption and decryption support. To that end, the following five new instructions are introduced with the cryptographic assist function:

￿KMAC - Compute Message Authentic Code

￿KM - Cipher Message

￿KMC - Cipher message with chaining

￿KIMD - Compute Intermediate Message Digest

￿KLMD - Compute Last Message Digest

The CP Assist for Cryptographic Function provides high performance hardware encryption and decryption support.

The CP Assist for Cryptographic Function offers a set of symmetric cryptographic functions that enhance the encryption and decryption performance of clear key operations for SSL, VPN and data storing applications that do not require FIPS 140-2 level 4 security. The cryptographic architecture includes DES, T-DES data encryption and decryption, MAC message authorization and SHA-1 hashing. These functions are directly available to application programs, diminishing programming overhead.

122IBM eServer zSeries 990 Technical Guide

Page 135 Page 137
Page 136
Image 136
IBM manual Z990 Cryptographic processors, CP Assist for Cryptographic Function Cpacf
Page 135 Page 137

990 specifications

The IBM 990 series, often referred to in the context of IBM's pioneering efforts in the realm of mainframe computing, represents a unique chapter in the history of information technology. Introduced in the late 1960s, the IBM 990 series was designed as a powerful tool for enterprise-level data processing and scientific calculations, showcasing the company's commitment to advancing computing capabilities.

One of the main features of the IBM 990 was its architecture, which was built to support a wide range of applications, from business processing to complex scientific computations. The system employed a 32-bit word length, which was advanced for its time, allowing for more flexible and efficient data handling. CPUs in the IBM 990 series supported multiple instructions per cycle, which contributed significantly to the overall efficiency and processing power of the machines.

The technology behind the IBM 990 was also notable for its use of solid-state technology. This provided a shift away from vacuum tube systems that were prevalent in earlier computing systems, enhancing the reliability and longevity of the hardware. The IBM 990 series utilized core memory, which was faster and more reliable than the magnetic drum memory systems that had been standard up to that point.

Another defining characteristic of the IBM 990 was its extensibility. Organizations could configure the machine to suit their specific needs by adding memory, storage, and peripheral devices as required. This modular approach facilitated the growth of systems alongside the technological and operational demands of the business environments they served.

In terms of software, the IBM 990 series was compatible with a variety of operating systems and programming environments, including FORTRAN and COBOL, enabling users to access a broader array of applications. This versatility was a significant advantage, making the IBM 990 an appealing choice for educational institutions, research facilities, and enterprises alike.

Moreover, the IBM 990 was engineered to support multiprocessing, which allowed multiple processes to run simultaneously, further increasing its effectiveness in tackling complex computing tasks.

In summary, the IBM 990 series represents a significant advancement in computing technology during the late 20th century. With a robust architecture, versatile configuration options, and a focus on solid-state technology, the IBM 990 facilitated substantial improvements in data processing capabilities, making it a cornerstone for many businesses and academic institutions of its time. Its impact can still be seen today in the continued evolution of mainframe computing.
Top Page Image Contents