Confidential computing with LinuxONE
Confidential computing is enabled on LinuxONE (s390x processor architecture) by using the IBM Secure Execution for Linux technology. With IBM Secure Execution for Linux, you can securely deploy workloads IBM Z17 and IBM LinuxONE 5. It ensures the integrity and confidentiality of boot images and server authenticity. Applications are isolated from the operating system, thus providing more privacy and security for the workload.
By using IBM Secure Execution for Linux, you can create encrypted Linux images that can run on a public, private, or hybrid cloud with their in-use memory protected. The workload or data is protected from external and insider threats.
For a technical deep dive into the IBM Hyper Protect Platform, see the white paper The Second Generation of IBM Hyper Protect Platform.
IBM Hyper Protect Confidential Container for Red Hat OpenShift Container Platform
Confidential containers allow businesses to handle sensitive workloads in untrusted environments, such as remote or shared data centers, while ensuring data protection. This technology is designed to prevent even system or container platform administrators, as well as service providers, from accessing or tampering with sensitive data and applications. A notable community initiative in this area is the Cloud Native Computing Foundation (CNCF) Confidential Containers project.
The IBM Confidential Computing Containers for Red Hat OpenShift Container Platform (CCCO) takes advantage of the IBM Secure Execution for Linux technology to provide a boundary around each CCCO VM and provides a Secure Execution boundary for protection from internal and external threats. For more information, see features of IBM Confidential Computing Containers for Red Hat OpenShift Container Platform.
You can set up, configure, and operate IBM CCCO on IBM Z® hardware just as you would operate Linux® on KVM VM and their virtual devices running on a KVM host. For more information, see KVM Virtual Server Management.
Next steps
- You can download the IBM Confidential Computing Containers for Red Hat OpenShift Container Platform image by following the instructions in the Downloading the image topic.
- You can read the information here to know more about installing, and configuring IBM CCCO.