IBM Secure Service Container framework
In this appendix, the IBM Secure Service Container (SSC) framework is described. The SSC framework is available on IBM z14, and IBM z13 and z13s (Driver level 27) servers.
This appendix also briefly describes the reason why IBM created the SSC framework and how the SSC environment is intended to be used.
This appendix includes the following topics:
A.1 What is IBM Secure Service Container?
An appliance is an application (software) that provides a specified function or set of functions (service). It is packaged and deployed with a specific (trimmed) operating system in a virtual machine or a dedicated COTS (commodity of the shelf) hardware (physical server). It requires little to no intervention from a system administrator (software update, OS update, and maintenance).
An appliance must satisfy various requirements, such as certified functionality and security (the function it provides must be tamper resistant even from a system administrators or other privileged users) and simple deployment and maintenance.
In the current IT deployments, various components that serve the business processes (databases, middleware, applications, and so on) require specialized management functions (such as access management, enterprise directories, secure key management, backup and restore). The development requirements of the management functions do not follow the dynamic of the actual business functions.
Because of the diversity of the platforms on which the business applications run, the management function must be maintained (updated, tested or even certified) if the management functions are deployed alongside the mainstream business applications when the platform must be maintained or upgraded. However, the complexity and associated IT spending is increased.
As such, these management functions can be deployed by using an appliance model in which the functions that are provided are available and accessible through standardized methods.
Many appliances are available from various suppliers. Each appliance includes the following features:
•Separate administration (and deployment process)
•Different hardware configuration requirements
•Different performance profile and management requirements
•Different security characteristics (that require alignment with enterprise requirements)
IBM Z Appliance
An IBM Z Appliance is an integration of operating system, middleware, and software components that work autonomously. They also provide core services and infrastructure that focuses on consumability and security.
An appliance is deployed as system image that can be started that contains all of the necessary layers to provide a specific set of services or functions. IBM Z Appliance are implemented as a firmware appliance or a software appliance.
IBM Secure Service Container
IBM developed the SSC framework. This framework provides the base infrastructure to create and deploy an IBM Z Appliance, including operating system, middleware, Software Development Kit (SDK), and firmware support. A special feature of the IBM SSC framework is that it protects the deployed workload from being accessed by a system administrator or an external attacker.
A.2 SSC LPAR
For IBM Z servers, the SSC Partition is an LPAR type that runs an IBM Z Appliance based on Secure Service Container framework.
Multiple virtual appliances integrated into IBM Secure Service Container can be deployed on IBM z14 (z13 and z13s also). These virtual appliances include the following common features:
•Administration (deployment)
•Hardware configuration
•Managed performance profiles
•Security characteristics (aligned with enterprise requirements)
At the time of this writing, the following appliances are available from IBM:
•z/VSE Network Appliance.
•IBM Z Advanced Workload Analysis Reporter (IBM zAware), which is now deployed as a software appliance and integrated with IBM Operations Analytics for Z.
More appliances are expected in the future. Appliances can be implemented as firmware or software, depending on the environment on which the appliance runs and the function it must provide.
The SSC framework is available on IBM z14, z13, and z13s servers.
A.3 Why Secure Service Container?
The SSC framework simplifies the process a team must apply to create an appliance. It also enforces a common set of behaviors for operations that all appliances must perform.
The SCC framework also provides a set of utilities to implement the common functions that all appliances need (FFDC, network setup, appliance configuration, and so on.). An application developer can use the SSC framework to turn a solution into a stand-alone appliance that is easily installed onto the IBM Z platform.
The SSC framework enables the release a product as software or firmware based on a business decision, not on a technical decision.
Deploying an appliance takes minutes. Appliances do not require any operating system knowledge or middleware knowledge. They allow users to focus on the core services they deliver.
A.4 IBM Z servers and SSC
Appliances that are based on the SSC framework share the following features and characteristics:
•Encapsulated operating systems
•Services that are provided by using Remote APIs (RESTful) and web interfaces
•Embedded monitoring and self-healing
•End-to-end tamper-protection
•Protected intellectual property
•Tested and qualified by IBM for a specific use case
•Can be delivered as firmware or software
The deployment model for an appliance is shown in
Figure A-1.
Figure A-1 Appliance deployment in a SSC LPAR on IBM Z
SSC provides a highly secure context (see
Figure A-2) for deploying appliances that include the following features:
•Allows no system admin access:
– After the appliance image is built, OS access (ssh) is not possible
– Only Remote APIs are available
– Memory access of system admin is disabled
•Data storage uses encrypted disk
•Debug data (dumps) are encrypted
•Strong isolation between container instances
•High assurance isolation
Figure A-2 SSC protection
The process that is used to deploy an appliance includes the following steps (see
Figure A-3):
1. Purchasing the software appliance.
2. Downloading the appliance image.
3. Creating and activating the SSC LPAR.
4. Deploying the appliance by using the appliance installer.
5. Configuring and using the appliance through REST API or a web UI.
Figure A-3 SSC deployment in five steps
The SSC framework provides following appliance management controls for appliance administrators:
•View messages and events
•Manage network, users and disks
•View appliance status
•Export and import data
•Apply services and updates
•Support for software license
At the time of this writing, the SSC software framework provides support for the following components:
•FCP and ECKD storage
•Dynamic Partition Manager
•User management within appliance with LDAP
•Enhanced network and storage management user interface (UI)
•File system with embedded CRC checking
•Include KVM, qemu, virsh packages
•Embedded OS upgrades
•Support smart card machine unique key handling