174 IBM eServer zSeries 900 Technical Guide
4.4 Software Corequisites
The Cryptographic Coprocessor, PCICC, and PCICA features have specific software
corequisites:
The Integrated Cryptographic Service Facility (ICSF) is the support program for the
cryptographic features (Cryptographic Coprocessor, PCICC and PCICA). It has been
integrated into OS/390 Version 2 and beyond.
The z900 server general purpose models require OS/390 Version 2 Release 9 at a
minimum. UDX requires OS/390 Version 2 Release 10.
The minimum Linux kernel level needed to gain access to PCICA is 2.4.7.
4.5 Certification
Cryptographic Coprocessor and TKE FIPS certification
The configuration of Cryptographic Coprocessor, excluding key-generation functions, has
been certified as Federal Information Processing Standard FIPS 140-1 Level 4.
PCI Cryptographic Coprocessor feature FIPS certification
The IBM PCI Cryptographic Coprocessor feature, along with segments 0 and 1 card code,
has earned the highest certification for commercial security ever awarded by the U.S.
government, Federal Information Processing Standard (FIPS) 140-1 Level 4 (only the OEM
part of the PCICC is covered by the certification).
EAL5 LPAR security
IBM is currently pursuing this level of certification for the z900 server.
4.6 References
For further information, see the following manuals:
ICSF for z/OS Overview
, SA22-7519
ICSF for z/OS Systems Programmer’s Guide
, SA22-7520
ICSF for z/OS Administrator’s Guide
, SA22-7521
ICSF for z/OS Application Programmer’s Guide
, SA22-7522
ICSF for z/OS Messages
, SA22-7523
ICSF for z/OS TKE Workstation User’s Guide
, SA22-7524
Hardware Management Console Operations Guide
, SC28-6815
Support Element Operations Guide
, SC28-6818
S/390 Crypto PCI Implementation Guide, SG24-5942
Get IBM eServer zSeries 900 Technical Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.