MAINFRAME > Business Strategy > Business Applications

IBM Delivers Additional Protection for Blockchain

blockchain security
Illustration by Greg Mably

To net it out, a private distributed ledger technology network is as susceptible to attack as any other information system. And considering that, per IBM’s 2016 Cyber Security Intelligence Index (, unauthorized access to an organization’s information systems has historically been by far the most frequently occurring security incident category (accounting for 45 percent of all incidents in 2015, up 22 percent from the previous year). Protecting private distributed ledger technologies from such abuse should be a key concern for all blockchain providers.

Additional Protection

IBM recognized this problem early. In addition to working closely with the Linux* Foundation’s Hyperledger Project to help build out a blockchain fabric that makes sense for business, IBM has designed its cloud offering around technology specifically architected to prevent unauthorized access.

On any typical IT system, anyone with access to root user authority, system administrator credentials or other privileged user access has a lot of power to change code and view data. This is by design, as such administrative tasks are required to keep systems running. But it also opens the door to abuse by employees with an agenda or cybercriminals who routinely target administrators to steal their credentials.

IBM’s blockchain cloud offering, the IBM Blockchain High Security Business Network (HSBN) plan, is exclusively hosted on IBM LinuxONE* servers because they have a unique capability to run blockchain networks as “black box” appliances. The technology, called the IBM Secure Service Container, enables an execution environment that utilizes advanced virtualization, encryption and hashing to prevent system admin access.

Once the appliance image is built, OS access into the appliance isn’t possible. Within the appliance, memory access is disabled and all disk associated with the image is encrypted—even debug data. Root users and system administrators are unable to access blockchain contents, adjust chain code or install malware when the blockchain network is installed in a Secure Service Container.

IBM’s z Systems* and LinuxONE servers already offer hardware virtualization certified to the highest commercially available international standards: Evaluation Assurance Level 5. The added protections provided by Secure Service Container deliver a level of security that goes beyond this and any other current standard.

The z Systems and LinuxONE protections against abuse extend to encryption keys as well, as critical keys are protected by a tamper-responsive hardware security module certified to FIPS 140-2 Level 4; again, the highest commercially available level.

Digital Vault

It’s expected that blockchain networks, built on private distributed ledger technologies, will concentrate high degrees of wealth—making them ideal targets for attack. To combat this, IBM early adopter Everledger is using the HSBN offering to maintain an unalterable record—a “digital vault”—to combat tampering and fraud.

Leanne Kemp, CEO, Everledger, estimates this fraud to be a $2 billion problem in London alone. With so much money at risk, Kemp sees no choice but to establish her blockchain network on the only cloud service built on the industry’s most secure server platform. As Kemp puts it, “Everledger on IBM Blockchain, underpinned by highly secure infrastructure, is a game changer.”

The value of the blockchain technology market is currently being forecast in the billions of dollars over the next five to 10 years ( The market value of the commodities, services and information flowing through private blockchain networks should easily run in the tens to hundreds of billions—if not higher.

With this much at stake, you want your blockchain network running on the only service built on servers designed to keep that value safe: IBM’s z Systems and LinuxONE platforms.

Paul DiMarzio is a mainframe strategist with nearly 30 years experience with IBM focused on bringing new and emerging technologies to the mainframe.

comments powered by Disqus



2017 Solutions Edition

A Comprehensive Online Buyer's Guide to Solutions, Services and Education.


IBM Delivers Additional Protection for Blockchain

Build A Solid Foundation

The zEnterprise delivers value as the cornerstone for business applications


Blockchain’s Potential Extends Beyond the Financial Industry

IBM Systems Magazine Subscribe Box Read Now Link Subscribe Now Link iPad App Google Play Store
Mainframe News Sign Up Today! Past News Letters