Security-evaluated operating system
In computing, security-evaluated operating systems have achieved certification from an external security-auditing organization, the most popular evaluations are Common Criteria (CC) and FIPS 140-2.
Oracle Solaris
Trusted Solaris 8 was a security-focused version of the Solaris Unix operating system. Aimed primarily at the government computing sector, Trusted Solaris adds detailed auditing of all tasks, pluggable authentication, mandatory access control, additional physical authentication devices, and fine-grained access control(FGAC). Versions of Trusted Solaris through version 8 are Common Criteria certified. See and Trusted Solaris Version 8 received the EAL4 certification level augmented by a number of protection profiles. See for explanation of The Evaluation Assurance Levels.
BAE Systems' STOP
BAE Systems' STOP version 6.0.E received an EAL4+ in April 2004 and the 6.1.E version received an EAL5+ certification in March 2005. STOP version 6.4 U4 received an EAL5+ certification in July 2008. Versions of STOP prior to STOP 6 have held B3 certifications under TCSEC. While STOP 6 is binary compatible with Linux, it does not derive from the Linux kernel. See for an overview of the system.
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 5 achieved EAL4+ in June 2007.[1][2]
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 6 achieved EAL4+ in October 2012.[3]
Novell SUSE Linux Enterprise Server
Novell's SUSE Linux Enterprise Server 9 running on an IBM eServer was certified at CAPP/EAL4+ in February 2005. See News release at heise.de
Microsoft Windows
The following versions of Microsoft Windows have received EAL 4 Augmented ALC_FLR.3 certification:
- Windows 2000 Server, Advanced Server, and Professional, each with Service Pack 3 and Q326886 Hotfix operating on the x86 platform were certified as CAPP/EAL 4 Augmented ALC_FLR.3 in October 2002. (This includes standard configurations as Domain Controller, Server in a Domain, Stand-alone Server, Workstation in a Domain, Stand-alone Workstation)
- Windows XP Professional and Embedded editions, with Service Pack 2, and Windows Server 2003 Standard and Enterprise editions (32-bit and 64-bit), with Service Pack 1, were all certified in December 2005.
Mac OS X
Apple's Mac OS X and Mac OS X Server running 10.3.6 both with the Common Criteria Tools Package installed were certified at CAPP/EAL3 in January 2005.
Apple's Mac OS X & Mac OS X Server running the latest version 10.4.6 have not yet been fully evaluated however the Common Criteria Tools package is available.[4]
GEMSOS
Gemini Multiprocessing Secure Operating System is a TCSEC A1 system that runs on x86 processor type COTS hardware.
HP OpenVMS and SEVMS
CC B1/B3[5] system formerly of Digital Equipment Corporation (DEC) later Compaq, now Hewlett-Packard (HP).[6]
Green Hills INTEGRITY-178B
Green Hills Software's INTEGRITY-178B real-time operating system was certified at Common Criteria EAL6+ in September 2008. running on an embedded PowerPC processor on a Compact PCI card.
See also
References
- ↑ http://www.niap-ccevs.org/cc-scheme/st/?vid=10165
- ↑ http://www.niap-ccevs.org/cc-scheme/st/index.cfm/vid/10125
- ↑ http://be.redhat.com/about/news/press-archive/2012/10/red-hat-achieves-top-security-certification-for-red-hat-enterprise-linux-6
- ↑ http://www.apple.com/support/downloads/commoncriteriatoolsfor104.html
- ↑ OpenVMS security presentation
- ↑ http://citeseer.ist.psu.edu/428108.html