By uwes on Feb 19, 2012
Evaluations team is please to announce Oracle Solaris 11 is in official In Evaluation status under the Canadian Common Criteria Scheme at Evaluation Assurance Level (EAL) 4 Augmented by Flaw Remediation. EAL4 is the highest level typically achievable for commercial software, and is the highest level mutually recognized by 26 countries under the Common Criteria Recognition Arrangement (CCRA). Although taking the evaluation above EAL4, Flaw Remediation is also accepted under the CCRA.
The evaluation is being conducted against the Operating System Protection Profile (OS PP) and includes the following four optional extended packages. (1) Advanced Management (AM), (2) Extended Identification and Authentication (EIA), (3) Labeled Security (LS), and (4) Virtualization (VIRT). We anticipate that very shortly we will also be evaluating against the NSA U.S. Government Protection Profile for General-Purpose Operating Systems in a Networked Environment at EAL2. The evaluation will also be attempting to achieve a greater degree of hardware platform independence for Solaris than has been the case previously.
Since the Common Criteria evaluation is an independent activity conducted by a third party facility, eventual success is not guaranteed and some aspects are subject to change and out of Oracle's direct control. Completion timescales in particular are not published, and may be adjusted according to the evaluation findings and remediation requirements.
* Web Links *
- Oracle External Website
- Canadian Common Criteria Scheme Website
- The Common Criteria Recognition Arrangement
- Operating System Protection Profile
- U.S. Government Protection Profile for General-Purpose
Operating Systems in a Networked Environment