You can’t buy system integrity. You're born with it.

Originally issued in 1973 with the IBM MV operating system, IBM System Integrity statement has stood for over three decades as a symbol of IBM’s confidence in and commitment to the mainframe platform.

System Integrity is IBM’s commitment, designs, and development practices intended to prevent unauthorized application programs, subsystems and users from bypassing system security–that is, to prevent them from gaining access, circumventing, disabling, altering or obtaining control of key system processes and resources unless allowed by the installation.

IBM Z integrity vulnerability

A IBM Z System Integrity vulnerability is defined as the ability of any program not authorized by a mechanism under the installation’s control to circumvent or disable store or fetch protection, access a resource protected by a Security Server/Manager, or obtain control in an authorized state; that is, in supervisor state, with a protection key less than eight (8), or Authorized Program Facility (APF) authorized.

In the event that an IBM System Integrity problem is reported, IBM will always take action to investigate, and if validated, take appropriate action to resolve it. These actions may include development of fixes, identification of applicable workarounds, recommending migration to a later release, and more.

Security vulnerabilities 

Security vulnerabilities are defined as a set of conditions in the design, implementation, operation or management of a product or service that is unable to prevent an attack by a party resulting in exploitations such as controlling or disrupting operation, compromising (i.e. deleting, altering or extracting) data, or assuming ungranted trust or identity.

Examples might range from TCP/IP or Java architectural concerns to things like Denial of Service (DoS) attacks, heuristic or algorithm errors, and more.

Security Portal

IBM Z offers a Security Portal that allows clients to learn about the latest security and system integrity fixes available.

IBM utilizes several internal and external sources as input to the security and system integrity process to assist IBM as it investigates and works on vulnerabilities that might potentially affect IBM Z.

 Additional information

Please see the individual platform pages for more information.

System integrity statements

IBM z/OS

Better protect your system, data, transactions, and applications from accidental or malicious modification – one of many reasons Z remains the premier server for critical workloads.

IBM z/VM

IBM’s commitment to the system integrity of the z/VM environment, as described in this statement, represents a further significant step to help customers protect their data.

IBM z/VSE

As a best practice, IBM strongly recommends that clients obtain the latest service information, including any security and System Integrity APARs for z/VSE from the Service and Support site.

IBM Security Portal

Overview

The IBM Z Security Portal is intended to help you stay current with security and system integrity fixes by providing current patch data and associated Common Vulnerability Scoring System (CVSS) ratings for new APARs. Security Notices are also provided to address highly publicized security concerns.

Access

If you are an IBM Z customer (or their authorized representative), register now to access the IBM Z Security Portal for IBM Z Security/Integrity APAR information (currently z/OS and z/VM).

To register:

  1. Click on this button to email IBM.
    Register now
  2. Provide the customer name, your name and the IBM Resource Link ID.
  3. IBM will verify that you are a IBM Z customer or an authorized representative.

Terms and Conditions

By accessing the IBM Z Security Portal you agree the information contained in it is IBM Confidential, provided AS IS, may be used by you for internal purposes only and may not be disclosed to any third party without IBM's prior written consent.

If you do not agree to these conditions, you may not access the IBM Z Security Portal.

Please ensure that you update all of your IBM Z products to a supported version. Security and integrity fixes are generally only issued for supported versions of IBM Z products.

Note: *
All statements regarding IBM's plans, directions, and intent are subject to change or withdrawal without notice. Any reliance on this Statement of Direction is at the relying party's sole risk and will not create any liability or obligation for IBM.