In computing, security-evaluated operating systems have achieved certification from an external security-auditing organization, such as a B2 or A1 CSC-STD-001-83 "Department of Defense Trusted Computer System Evaluation Criteria" or Common Criteria (CC) certification.
Note that meeting a given set of evaluation criteria does not make a computer operating system "secure".
A certificate is not an endorsement of the "goodness" of an IT product by any organization that recognizes or gives effect to the certificate. A certificate represents the successful completion of a validation that a product met the CC requirements for which it was evaluated and tested.
Note that certification applies to a particular configuration of the system running on a certain set of hardware; the certificate is only valid for this specific configuration, and does not extend to the same software if any aspect of the installation varies in any way. Often these scenarios are extremely limited compared to the normal environments in which computer operating systems usually run.
Moreover, the field of operating systems that can apply to be evaluated is restricted to those with strong financial backing, because of the costs that ensue. In general, major vendors get listed. This does not mean that other solutions, such as open-source solutions, could not reach or exceed this level of security under certain circumstances, without even having tried to pass this advocacy evaluation.
Trusted Solaris is a security-focused version of the Solaris Unix operating system. Aimed primarily at the government computing sector, Trusted Solaris adds detailed auditing of all tasks, pluggable authentication, mandatory access control, additional physical authentication devices, and fine-grained access control (FGAC). Versions of Trusted Solaris through version 8 are Common Criteria certified. See [1] and [2]. Trusted Solaris Version 8 received the EAL4 certification level augmented by a number of protection profiles. See [3] for an explanation of the Evaluation Assurance Levels.
BAE Systems' STOP version 6.0.E received an EAL4+ in April 2004 and the 6.1.E version received an EAL5+ certification in March 2005. STOP version 6.4 U4 received an EAL5+ certification in July 2008. Versions of STOP prior to STOP 6 have held B3 certifications under TCSEC. While STOP 6 is binary compatible with Linux, it does not derive from the Linux kernel. See [4] for an overview of the system.
Red Hat Enterprise Linux 5 achieved EAL4+ in June 2007.[1][2]
Novell's SUSE Linux Enterprise Server 9 running on an IBM eServer was certified at CAPP/EAL4+ in February 2005. See the news release at heise.de.
The following versions of Microsoft Windows have received EAL 4 Augmented ALC_FLR.3 certification:
Apple's Mac OS X and Mac OS X Server running 10.3.6 both with the Common Criteria Tools Package installed were certified at CAPP/EAL3 in January 2005. [5]
Apple's Mac OS X and Mac OS X Server running the latest version 10.4.6 have not yet been fully evaluated; however, the Common Criteria Tools package is available.[3]
Gemini Multiprocessing Secure Operating System [6] is a TCSEC A1 system that runs on x86 processor type COTS hardware.
CC B1/B3[4] system formerly of Digital Equipment Corporation (DEC), later Compaq, now Hewlett-Packard (HP).[5]
Green Hills Software's INTEGRITY-178B real-time operating system was certified at Common Criteria EAL6+ in September 2008, running on an embedded PowerPC processor on a Compact PCI card. [7]