Security-evaluated operating system
In computing, security-evaluated operating systems have achieved certification from an external security-auditing organization, such as a B2 or A1 CSC-STD-001-83 "Department of Defense Trusted Computer System Evaluation Criteria" or Common Criteria (CC) certification.

Note that meeting a given set of evaluation criteria does not make a computer operating system "secure".

Certificates do not endorse the "goodness" of an IT product by any organization that recognizes or gives effect to the certificate. A certificate represents the successful completion of a validation that a product met CC requirements for which it was evaluated/tested.

Note that certification applies to a particular configuration of the system running on a certain set of hardware; the certificate is only valid for this specific configuration, and does not extend to the same software if any aspect of the installation varies in any way. Often these scenarios are extremely limited compared to the normal environments in which computer operating systems usually run.

Moreover, the field of operating systems that can apply to be evaluated is restricted to those with strong financial backing, because of the costs that ensue. In general, major vendors get listed; this does not mean that other solutions, such as open-source solutions, could not reach or exceed this level of security under certain circumstances without ever having attempted this evaluation.

Trusted Solaris

Trusted Solaris is a security-focused version of the Solaris Unix operating system. Aimed primarily at the government computing sector, Trusted Solaris adds detailed auditing of all tasks, pluggable authentication, mandatory access control, additional physical authentication devices, and fine-grained access control (FGAC). Versions of Trusted Solaris through version 8 are Common Criteria certified. See http://wwws.sun.com/software/security/securitycert/trustedsolaris.html and http://wwws.sun.com/software/security/securitycert/images/TSol8_7-03CMS.jpg

Trusted Solaris Version 8 received the EAL4 certification level augmented by a number of protection profiles. See http://csrc.nist.gov/cc/Documents/CC%20v2.1%20-%20HTML/PART3/PART36.HTM for an explanation of the Evaluation Assurance Levels.

BAE Systems' STOP

BAE Systems' STOP version 6.0.E received an EAL4+ in April 2004 and the 6.1.E version received an EAL5+ certification in March 2005. STOP version 6.4 U4 received an EAL5+ certification in July 2008. Versions of STOP prior to STOP 6 have held B3 certifications under TCSEC. While STOP 6 is binary compatible with Linux, it does not derive from the Linux kernel. See http://www.baesystems.com/ProductsServices/bae_prod_csit_xts400.html for an overview of the system.

Red Hat Enterprise Linux 5

Red Hat Enterprise Linux 5 achieved EAL4+ in June 2007.

Novell SUSE Linux Enterprise Server

Novell's SUSE Linux Enterprise Server 9 running on an IBM eServer was certified at CAPP/EAL4+ in February 2005. See the news release at heise.de.

Microsoft Windows

The following versions of Microsoft Windows have received EAL 4 Augmented ALC_FLR.3 certification:
  • Windows 2000 Server, Advanced Server, and Professional, each with Service Pack 3 and Q326886 Hotfix operating on the x86 platform, were certified as CAPP/EAL 4 Augmented ALC_FLR.3 in October 2002. (This includes standard configurations as Domain Controller, Server in a Domain, Stand-alone Server, Workstation in a Domain, Stand-alone Workstation.)
  • Windows XP Professional and Embedded editions, with Service Pack 2, and Windows Server 2003 Standard and Enterprise editions (32-bit and 64-bit), with Service Pack 1, were all certified in December 2005.

Mac OS X

Apple's Mac OS X and Mac OS X Server running 10.3.6, both with the Common Criteria Tools Package installed, were certified at CAPP/EAL3 in January 2005. See http://niap.nist.gov/cc-scheme/vpl/vpl_type.html#operatingsystem

Apple's Mac OS X and Mac OS X Server running the latest version 10.4.6 have not yet been fully evaluated; however, the Common Criteria Tools package is available.

GEMSOS

Gemini Multiprocessing Secure Operating System (http://www.aesec.com/) is a TCSEC A1 system that runs on x86 processor type COTS hardware.

HP OpenVMS and SEVMS

CC B1/B3 system formerly of Digital Equipment Corporation (DEC), later Compaq, Hewlett-Packard (HP).

Green Hills INTEGRITY

Green Hills Software's INTEGRITY-178B real-time operating system was certified at Common Criteria EAL6+ in September 2008, running on an embedded PowerPC processor on a Compact PCI card. See http://www.niap-ccevs.org/st/vid10119/

See also

  • Comparison of operating systems
  • Security-focused operating system
  • Trusted operating system


External links

  • NIST published list of CC Evaluated Products
  • Roger R. Schell: GEMSOS presentation
The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 