Application Security

IBM z16 offers artificial intelligence and Quantum-Safe levels of security

IBM z16 offers artificial intelligence and Quantum-Safe levels of security
Written by ga_dahmani
IBM z16 offers artificial intelligence and Quantum-Safe levels of security

Business transformation and disruption are all about data. But it’s not just about collecting huge amounts of data, it’s what you do with that data and how it can enable you to create valuable insights.

While many people focus on cloud unicorns, the reality is that industry incumbents have a huge head start. These companies have decades of experience that translates into massive amounts of data and business logic. Where do many of these companies host their most important workloads and data? IBM Z: the system better known as “the mainframe”.

Today, IBM announces its latest IBM Z system—IBM z16. Two weeks ago, IBM took time to brief the industry analyst community on the business strategy and technical underpinnings of IBM z16. We met with a variety of IBM business leaders, including IBM Systems Division executives, distinguished engineers, and IBM cloud leaders. The most significant updates to the platform are the inclusion of a dedicated on-chip AI accelerator and the addition of secure quantum cryptography.

It is important to understand the size of the IBM Z ecosystem. The platform is used by 45 of the world’s 50 largest banks, four of the top five airlines, and eight of the top 10 insurers, among others. Similarly, the partner ecosystem is huge, ranging from the largest system integrators to small technology providers focused on DevOps and AI. Suffice it to say that some of the world’s largest companies and governments run on IBM Z.

In this article, I will briefly cover the top five takeaways from the industry analyst briefings leading up to the announcement.

IBM is bringing AI to the mainframe

Many cloud data storage and analytics providers say “Bring me the data.” IBM is flipping the script, because IBM Z already houses customers’ most critical customer and operational data. The IBM z16 will ship with an on-chip accelerator for AI.

Everyone knows that AI creates competitive advantage, so why should you care about on-chip AI accelerator? The last mile of deploying machine learning/artificial intelligence (ML/AI) models remains a huge challenge. Companies are investing vast amounts of money and skills in model development; however, latency often kills. The difficulty is that ML/AI models must be integrated into applications so that the model can be executed at the point of transaction with virtually no delay. This must also be done on a large scale! Think of the latency and security concerns if near real-time banking transactions had to go from a back-end system to a cloud AI platform to check for fraudulent transactions.

For those of you who have been following the IBM Z platform, IBM z14 unveiled a pervasive encryption capability. This encryption-by-default approach without the traditional encryption overhead was enabled through a dedicated encryption chip. Similarly, AI workloads will be performed by the integrated AI accelerator.

Your AI infrastructure is only as powerful as your software ecosystem

Developers and data scientists want to use data, ML and AI tools they know and trust. AI success requires an open stack of software options, not a walled garden. While IBM has a wide range of AI technologies, including Watson machine learning for z/os, IBM Cloud Pak for data and IBM Cloud Pak for Watson AIOps, just to name a few, an IBM-only approach would fail for many data scientists.

The z16 AI accelerator supports a wide selection of ML compilers and libraries. Customers can build and train models on a variety of popular frameworks including TensorFlowSAS, Microsoft Cognitive Toolkit (Microsoft CNTK), PyTorch and Kerastogether with others.

The system uses ONNXan open source tool to enable interoperability of ML/AI models to prepare and deploy the model in dedicated AI accelerator.

What does this mean? You can bring your existing data models to z16. Plus, your teams can use their existing preferred vendors while working with the embedded IBM Z accelerator chip.

Cybersecurity Arms Race: Secure Quantum Cryptography is a Growing Need

Cybercrime is a multi-billion dollar business. While fairly routine exploits like phishing remain the number one moneymaker for cybercriminals, these nation-state sponsored gangs and organizations are becoming more sophisticated. For example, cybercriminals are investing in AI and ML just like traditional businesses. In some cases, Cyber ​​crime syndicate engineering employees believe they are working for a legitimate company..

What is secure quantum cryptography? The research is focused on identifying algorithms that are resistant to attacks from both classical and quantum computers.

Why is this a growing area of ​​concern? IBM, along with Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), offer quantum computing as a service. While quantum computing has enormous potential for applications in a wide range of industries, including drug discovery, chemical engineering, and combating climate change, keep in mind that cybercriminals are looking to this technology to unlock complex cryptographic algorithms. .

IBM claims that the IBM z16 is a “secure quantum system”. The company uses a variety of different hardware, software, and business process approaches to ensure data security. For example, the system includes a new crypto express card with quantum security APIs to upgrade the security of existing applications. At the firmware level, the IBM z16 has a built-in dual signature scheme.

Additionally, for several years, the IBM Z platform has adopted a zero-trust security approach that includes a BYOK (bring your own key) framework. The keys to your encrypted data can never be accessed by IBM, nor by cybercriminals or government organizations; instead, those encryption keys remain inside your firewall.

IBM Z Tech goes to the cloud; Mainframe remains on premises

What a difference a nine can make! Five 9s means 99.999% availability, while four 9s (99.99% availability) results in more than 47 minutes of downtime per year.

When I work with C-level executives who have a mainframe within their environment, the role of IBM Z is always discussed. In many cases, companies have explored going off the mainframe, but resiliency, predictability, and security are the reasons why companies stay on the platform.

IBM mainframe services are increasingly offered in the cloud. More recent, IBM announced testing of IBM Z in the cloud. Equally, IBM Cloud Hyper Protect Cryptographic Servicesa key management approach that uses a specific security chip module, is enabled by IBM Z technology.

However, you should not expect z17-as-a-service. Between latency, security, resiliency, governance, and compliance, it will be a long time before you migrate and/or ship your mainframe workloads to the cloud.

as author of Hybrid cloud for beginners and Cloud for Dummies 2nd ed. (among other books and articles) I can say with confidence that the cloud is not a panacea. The business case for moving many mainframe workloads to the cloud does not exist.

Digital transformation means more than fancy apps – plumbing stuff!

Don’t get me wrong, mobile check deposits, contactless airline ticketing, and hotel check-ins are all great, but in many cases, they rely on older systems that haven’t been updated.

A few weeks ago while traveling for work, my flights were delayed for hours. I saw that another flight would leave in an hour. It was already at the airport and I thought I could rebook it through the airline app. Of course, it wasn’t that easy: I finally went to the ticket counter and told the agent that I’d like to book a different flight. The agent then went to work; They spent a lot of time entering information into his system, talking to a colleague, asking for help, and asking me various questions. After about ten minutes, my flight was finally rebooked.

This airline has a great app experience when things run smoothly (so great, in fact, that I prefer to book my trip on the app instead of on the computer). However, even a small interruption caused everything to go off the rails. It is clear to me that the company still relies on old, broken processes and outdated technology.

my perspective

Bringing AI closer to data makes sense. The last mile of AI (transforming models into transactions) remains a huge challenge. I work with a lot of companies that have tons of data and I do an excellent job of retrospectively analyzing that data. However, making decisions based on real-time data remains a challenge due to latency and the fact that moving data between on-premises and cloud systems increases security and governance risks (in addition to costs).

Secure quantum security is a growing concern for highly regulated organizations in the banking, insurance, and government segments. In recent years, financial industry CIOs and CISOs/CSOs at large financial services organizations have focused on establishing a zero-trust approach to security. However, as attacks become more sophisticated, security teams are beginning to perform risk assessments on their approach to cryptography. The inclusion of secure quantum cryptography is important to IBM Z customers.

About the author


Leave a Comment