Join the IBM Z and LinuxONE Community!

The IBM Z and LinuxONE Community features business and technical experts, blogs, and forums where you can exchange ideas, connect through shared interests, cultivate skills, and develop expertise.

Come join us! This is a great place to collaborate, share knowledge, and support one another in our everyday challenges. We welcome content from our customers, partners, and any other members of this vibrant technical community. You can also start discussions, share announcements and events, and so much more. We look forward to hearing from you.

Join and network today! https://www.ibm.com/community/z/

Sudharsana Srinivasan

Master the Mainframe 2019 contest — Register today!

Mainframes run 87% of all credit card transactions and 29 billion ATM transactions a day, around the world. To provide perspective, there are approximately 5.6 billion Google searches per day.

Here’s your opportunity to learn more about how IBM Z mainframes do all of this and more — and get hands on with coding challenges. Master the Mainframe, the world’s only student mainframe contest, is back for its 15th year in a row! This virtual contest is open to high school and college students worldwide who are looking to gain skills in a real-world, enterprise computing environment.

Learn more about the contest and register at: https://masterthemainframe.com.

Master the Mainframe contest image

Sudharsana Srinivasan

IBM Cloud Hyper Protect Services: Protect your organization from internal AND external threats

As a developer, you probably understand how important data security is — and this holds true whether you are a founder of the next great tech startup or part of a large enterprise team. Barely a month goes by without a high-profile story in the news about a data breach at a major company, and those are just the ones that were discovered and worth reporting on. Regardless of company size, data protection is as relevant now as it’s ever been. More recently, we’ve even heard of creative compromises where organizations believed their sensitive data was secure, but since they didn’t secure data they didn’t believe was sensitive, they found themselves vulnerable to attack. Even beyond specific incidents, many organizations are bound by compliance requirements (such as PCI DSS, GDPR, and HIPAA). As more and more countries evaluate and implement their own requirements, conversations around keeping sensitive data secure continue to evolve. Why rely on policy when you can rely on technology?

This is where a solution that provides data-at-rest and data-in-flight protection can help developers easily build applications with highly sensitive data. To meet this need, IBM Cloud offers a suite of services collectively known as IBM Cloud Hyper Protect Services, which are powered by LinuxONE. These services give users complete authority over sensitive data and associated workloads (even cloud admins have no access!) while providing unmatched scale and performance; this allows customers to build mission-critical applications that require a quick time to market and rapid expansion.

IBM Cloud Hyper Protect Services consists of four services, a combination of PaaS and SaaS, which are covered briefly in this video. The services are:

  • Hyper Protect Crypto Services
  • Hyper Protect DBaaS
  • Hyper Protect Virtual Servers
  • Hyper Protect Containers

Hyper Protect Crypto Services

Hardware-driven cryptography allows you to manage and keep your own keys for cloud data encryption, protected by a dedicated hardware security module (HSM) that meets FIPS 140-2 Level 4 certification — the only one in the industry that meets such standards! This means that even if an attacker has physical access to the data center where your cloud service resides, tamper-resistant hardware keeps your data protected.

Learn more about Hyper Protect Crypto Services by visiting the IBM Cloud documentation.

Hyper Protect DBaaS

Taking Database as a Service (DBaaS) one step further to add encryption, we offer two solutions: Hyper Protect DBaaS for PostgreSQL and Hyper Protect DBaaS for MongoDB EA.

Learn more about Hyper Protect DBaaS by visiting the IBM Cloud documentation.

You can also check out the IBM Developer tutorial Protect cloud-based data with an encrypted database.

Hyper Protect Virtual Servers

Provide your SSH key and you’re up and running with a secured Virtual Server, backed by isolation powered by the IBM LinuxONE Enterprise Server.

Learn more about Hyper Protect Virtual Servers by visiting the IBM Cloud documentation.

Hyper Protect Containers

Containers are incredibly popular today, and Hyper Protect Containers can help you build, test, and deploy a secure microservices-driven environment.

Under the hood

Looking for more technical details on how Hyper Protect works under the hood? Visit this tech talk by Chris Poole to learn precisely how the infrastructure is configured to provide maximum security, including how encryption and isolation are used to secure your data.

Conclusion

With more and more data being collected, stored, and shared, it is incumbent upon developers and data scientists to create technical solutions that automate data protection and security, especially individual-level, personally identifiable information. When your data is collected, stored, and shared, how would you like it to be managed? We assume you want the highest standards possible. That is how we want our data managed! Managing data security by policy alone is no longer good enough. As the world continues to become even more data driven, the future is all about data, innovation, and technical solutions like IBM Cloud Hyper Protect Services.

If you don’t have an IBM Cloud account yet, you can get started with these services today by visiting the IBM Cloud registration page.

Elizabeth K. Joseph
Melissa Sassi

Frontier technologies to protect the environment and tackle disaster response and resilience

Last week, we had the opportunity to take part in an event sponsored by the United Nations at UN Headquarters in New York City. The fourth annual Multi-stakeholder Forum on Science, Technology, and Innovation for the Sustainable Development Goals – STI Forum – brings together thought leaders from around the world to discuss technology gaps, needs, and capacity-building opportunities that foster solving the UN Sustainable Development Goals (SDGs). The SDGs consist of 17 goals that are aimed at making the world a better place by 2030 with a specific lens on poverty, inequality, and climate action.

STI Forum panel participants

We represented our respective organizations in a panel titled, Frontier Technologies to Protect the Environment.

Opening remarks were provided by H.E. Ambassador Juan Sandoval Mendiolea, Deputy Permanent Representative of Mexico to the UN. The panel was moderated by Ursula Wynhoven, ITU representative to the United Nations, with presentations from the following thought leaders:

  • Chaesub Lee, Director, Telecommunication Standardization Bureau, ITU
  • Kai Uwe Barani Schmidt, Senior Program Director of the Carnegie Climate Geoengineering Governance Initiative (C2G2)
  • David Meltzer, Secretary General of global satellite industry trade association – GVF
  • Melissa Sassi, Startup Program Manager, IBM Z Ecosystem – IBM
  • Paul Maseli, Director and UNIDO Representative to the UN

Frontier technologies

We talked about, amongst other things, how cutting-edge and innovative technologies offer the vast potential to help prepare for and respond to the impacts of natural disasters. Leveraging such technological innovation represents significant opportunities to accelerate efforts to achieving the SDGs.

As the number of natural disasters and associated impacts increase, we know that technology plays an important role. Dr. Lee highlighted several emerging, cutting-edge, and disruptive ideas – all showcasing the power to transform natural disaster resilience and responsiveness. Such innovation includes artificial intelligence (AI), Internet of Things (IoT), fifth generation mobile (5G), digitization and big data, space 2.0, robotics, clean energy, and digital twins. Two other ideas suggested by the audience included machine learning (ML) and blockchain.

“We are amassing an enormous wealth of data, and we are taking giant leaps forward in our ability to make sense of this data,” said Dr Lee. “We are learning more about ourselves as a society, and more about our relationship with our planet. We are gaining more precision in our understanding of the world’s many connections. In new technologies, we see new opportunities to achieve meaningful progress in social, economic and environmental sustainability. ITU is supporting the international collaboration required to apply these technologies to maximum effect.”

Satellite connectivity

As an innovator and advocate for digital inclusion, technologists like us are constantly thinking about innovation that relate to Internet access, digital skills, and making meaningful use of these by increasing beneficial healthcare, education, and economic outcomes.

The GVF’s presentation highlighted the role that satellite technology plays in mitigating the impact of natural disasters. By utilizing earth observation satellites to map damaged infrastructure, this technology assists in the logistics of delivering assistance to affected communities and communications satellites to quickly re-establish communications networks that enable disaster services such as telemedicine, mobile hotspots, and helping those affected by the disaster find missing loved ones. The GVF also presented the Crisis Connectivity Charter – a program supported by a number of satellite industry players, the UN Office for the Coordination of Humanitarian Affairs (OCHA), the Emergency Telecommunications Cluster (ETC), and the World Food Programme (WFP).

This annual STI Forum is an important discussion that brings connectivity thought leaders from around the world together to provide crisis communication support in the form of training, equipment, and satellite capacity at no costs to the disaster response organizations. There were important key takeaways from the Forum’s discussions, such as the example projects outlined below.

Example projects

Mapping

Late 2018, Hurricane Michael left unimaginable damage to Florida’s northwest coast. Organizations and hundreds of volunteers responded to the recovery effort, and SES Networks did its part by restoring communications networks. Its unique Medium Earth Orbit-managed service enabled the Information Technology Disaster Resource Center (ITDRC) to quickly assess and map post-emergency damages and help affected communities get back on their feet and connect with loved ones.

Check out this scenario where developers use NASA satellite data to predict wildfires:

Health

In addition, SES’ satellite-enabled technology plays a key role in e-health services in remote areas, where the lack of connectivity has been a major hindrance to proper healthcare. SES’ connectivity platform enabled healthcare professionals from all over the world to use video conferencing, conduct trainings, manage medical records and offer virtual consultations, among others.

Satellite-based telemedicine is another facet of satellite technologies. For disaster responses, this concept is not new. As noted by Geeks Without Frontiers, an organization focused on achieving UN SDGs by using satellite connectivity during the Armenian earthquake in the late 1980s. They used geostationary satellites to connect hospitals in disaster-affected communities with medical facilities in the U.S. for remote surgical, infectious disease, and other mission-critical consultations.

Other concepts

These early examples of innovation in satellite technologies (enabled by the U.S.-U.S.S.R. Space Bridge project) has now evolved into lower-cost, higher-performance solutions driven by advances not only in satellite, but also in renewable energy, video conferencing, wireless and cloud-based capabilities. In parallel, disaster preparedness – real, financially sustainable preparedness – has also been evolving with the development of strategic response plans that leverage a host of private and public-sector disaster-response stakeholders.

IBM Cloud Hyper Protect Services

The IBM Cloud™ Hyper Protect Services can help you create and implement highly secure AI, ML, data, and analytics solutions that empower developers and data scientists like you to build cloud applications by using a portfolio of cloud services powered by IBM LinuxONE. Data is encrypted and secure, even from cloud administrators, delivering the highest levels of security via hardware versus policy.

Enter your Call for Code submission

Are you interested in preparing for and responding to natural disasters through frontier technologies, such as cloud computing, ML, AI, data, and analytics? Does satellite connectivity play a role in your solution?

With so many opportunities for disruption and innovation, developers and data scientists have the power to transform the world and solve one of the most difficult challenges in front of us – responding to and preparing for natural disasters. One way for technologists to bring such innovation is to participate in the Call for Code Global Challenge.

IBM is a founding partner in Call for Code, a global coding competition that asks software developers, data scientists, and technologists like you to build scalable and sustainable solutions that address natural disaster preparedness, response, and recovery.

The Call for Code challenge is asking you to accept the challenge to creative innovative solutions, like those highlighted in this post. This year’s challenge is specifically focused on healthcare, access to medical health records, the vulnerable, and more. Read the CTO’s letter to developers to understand this year’s focus.

Resources

Melissa Sassi
David Meltzer

Longboarding their way to the mainframe

Can you imagine two teenagers on longboards as mainframe programmers? Meet Robin and Martijn van der Wal, 17-year-old students at ROC College Horizon in the Netherlands. Call them the “longboard twins” – their journey to the mainframe is an unusual one.

photo of Robin and Martijn van der Wal

Working with IBM and IBM Business Partner, ICU, to develop a proof-of-concept, the teenagers combined their love of longboarding and programming and came up with an interesting use case: Create a retail skateboard website prototype as a potential replacement for typical neither-secure-nor-fast solutions.

The longboard twins decided to use their programming skills to build an end-to-end solution that allows a mobile app to communicate with an existing CICS service on z/OS. They accomplished this by using IBM mainframes – LinuxONE and traditional IBM Z, z/OS Connect, and CICS.

The biggest challenge they faced was the lack of a contemporary language that spans mobile-to-mainframe and delivers on the promise of extreme agility they required.

Turns out that Apple’s open source Swift can be deployed for mobile, mid-tier, and the mainframe. So that’s exactly what the brothers did; they figured out a way to unlock and reuse critical application logic and data services that reside on a mainframe, all encoded in Swift. The result is a full-featured Swift client-side mobile application for ordering longboards on the web.

Turning a great idea into action, the brothers leveraged their knowledge of Swift server-side development and, together with their father Frank, they took the existing CICS application on z/OS and exposed it as a REST API with z/OS Connect. Then, they used IBM’s open source web framework, Kitura, which is written in Swift and runs natively on z/OS, to call the APIs. And finally, they leveraged PL/1 routines to store order information in a DB2 table.

ICU helped setup an IBM Cloud Private environment on LinuxONE for additional mid-tier scalability and added features. The mid-tier application also uses the Kitura/Swift combination. A NoSQL CouchDB database was added to enhance the data with product images as shown in the diagram below.

architecture diagram

If you think mainframes are old news and that modern-day developers don’t do mainframe programming, think again! Watch this video and see the longboard twins demo their fully integrated Swift app.

Learn more about these IBM Z products

Sudharsana Srinivasan
Andrii Vasylchenko

Securing sensitive health data in times of disaster

Ensuring that sensitive data is secure is top of mind for everyone, particularly when working with sensitive health data. Hyper protect cloud services built on IBM LinuxONE take security to the next level. This DBaaS service brings inherent data encryption both at rest and in flight without any application changes, and unlike other DBaaS cloud services it ensures that you are the only one with access to your data. The Crypto service allows you to maintain complete control over encryption key management where cloud admins have no access to the keys.

When disasters happen, the tech used to support relief teams in the field must be resilient, secure, and able to scale immediately. Seconds count and quick action can save lives. It’s not enough to just build applications that can be used in times of disaster; you need to ensure that those applications have the quality of services necessary to withstand the challenges that can arise during a disaster, such as sudden peaks in demand and malicious attempts to exploit the situation. For disaster survivors, the last thing they need is to have their sensitive data stolen, potentially destroying their ability to obtain critical medical care and financial assistance to rebuild and recover. First responders and disaster relief organizations need to know that the applications they rely on to speed response effectiveness before, during, and after a disaster provide reliable service — downtime and latency are not an option.

To help differentiate and harden your application to withstand the rigors of disaster, the IBM Hyper Protect family of services can provide the required back-end quality of services quickly and easily.

  • IBM Cloud Hyper Protect Crypto Services enable developers to easily infuse security with data encryption and key management capabilities into their applications. This service is unique as it puts key management into your hands and not the cloud service provider’s, all without application changes. The service supports secure key operations and random number generation via IBM LinuxONE cryptographic hardware behind the scenes. This is the only Cloud Hardware Security Module solution that’s built with FIPS 140-2 Level 4 certified technology offered by a public cloud provider.
  • IBM Cloud Hyper Protect DBaaS is designed to protect database services, such as MongoDB–EE, with data stores that are security-rich and private. This elevated secure DBaaS allows data owners to maintain complete control over their data; cloud admins can never access customer data, and application developers can easily provision secure data stores for sensitive data without specialized DBA skills or having to encrypt data before sending it to the database. All data is encrypted without application changes. This is ideal for apps in highly regulated industries and those that contain sensitive personal data (SPI) such as individual health and community well being.
  • IBM Cloud Hyper Protect Containers enable developers to deploy Kubernetes workloads on a highly secure platform built for confidential computing.

By thinking beyond the application functionality itself and considering the environment surrounding its use, you can take your application to the next level. With the highest quality of services underpinning your application, it can be ready when disaster strikes — because people are counting on it!

For more information, see the following tutorials:

Meredith Stowell