IBM Z10 EC manual Commitment to system integrity

With z/OS 1.9, IBM introduces:

•A revised and expanded Statement of z/OS System Integrity

•Large Page Support (1 MB)

•Capacity Provisioning

•Support for up to 64 engines in a single image (on z10 EC model only)

•Simplifi ed and centralized policy-based networking

•Expanded IBM Health Checker

•Simplifi ed RACF® Administration

•Hardware Decimal Floating Point

•Parallel Sysplex support for Infi niband® Coupling Links

•NTP Support for STP

•HiperSockets Multiple Write Facility

•OSA-Express3 support

•Advancements in ease of use for both new and existing IT professionals coming to z/OS

•Support for zIIP-Assisted IPSec, System Data Mover (SDM) offl oad to zIIP, and support for eligible portions of DB2 9 XML parsing workloads to be offl oaded to zAAP processors

•Expanded options for AT-TLS and System SSL network security

•Improved creation and management of digital certifi - cates with RACF, SAF, and z/OS PKI Services

•Additional centralized ICSF encryption key management functions for applications

•Improved availability with Parallel Sysplex and Coupling Facility improvement

•Enhanced application development and integration with new System REXX™ facility, Metal C facility, and z/OS UNIX® System Services commands

•Enhanced Workload Manager in managing discretionary work and zIIP and zAAP workloads

Commitment to system integrity

First issued in 1973, IBM’s MVS™ System Integrity State- ment and subsequent statements for OS/390® and z/OS stand as a symbol of IBM’s confi dence and commitment to the z/OS operating system. Today, IBM reaffi rms its com- mitment to z/OS system integrity.

IBM’s commitment includes designs and development practices intended to prevent unauthorized application programs, subsystems, and users from bypassing z/OS security—that is, to prevent them from gaining access, circumventing, disabling, altering, or obtaining control of key z/OS system processes and resources unless allowed by the installation. Specifi cally, z/OS “System Integrity” is defi ned as the inability of any program not authorized by a mechanism under the installation’s control to circumvent or disable store or fetch protection, access a resource pro- tected by the z/OS Security Server (RACF), or obtain con- trol in an authorized state; that is, in supervisor state, with a protection key less than eight (8), or Authorized Program Facility (APF) authorized. In the event that an IBM System Integrity problem is reported, IBM will always take action to resolve it.

IBM’s long-term commitment to System Integrity is unique in the industry, and forms the basis of the z/OS industry leadership in system security. z/OS is designed to help you protect your system, data, transactions, and applications from accidental or malicious modifi cation. This is one of the many reasons System z remains the industry’s premier data server for mission-critical workloads.