Common Criteria Certification

The Solaris 10 11/06 release of Trusted Extensions has finally received its Common Criteria certification. Like it's predecessor, Trusted Solaris 8, the assurance rating is EAL4+ in conformance with the Controlled Access, Role-Based Access, and Label Security Protection Profiles. The evaluation was performed by CGI Information Systems & Management Consultants Inc, and is listed on the Canadian Common Criteria list of certified products. You can also view the certificate and the Security Target on this page. The evaluated configuration, described in Section 2.3, page 8,  is the most comprehensive for any product at this level. Among the Solaris features included are both the JDS (GNOME) and CDE desktops, the Solaris Management Console, both SPARC, x64 and x86 hardware, UFS, ZFS and NFS, and a distributed configurations administered using LDAP.

The currently shipping release, Solaris 10 5/08, will go through the rating maintenance process so that the certification can be applied to the latest software and hardware.

Comments:

Congratulations, very impressive feat. Now maybe the powers that be will start using it. Looks like I'll be doing a lot of reading this weekend.

Posted by sastrugi on June 23, 2008 at 07:25 PM PDT #

Congratulations, Glenn!

Question: I followed some of the links and noted a sunset date on LSPP, which on the same line, referenced this page:

http://www.niap-ccevs.org/cc-scheme/pp/PP_OS_ML_MR2.0_V1.91.cfm

Are you planning for Solaris 10 TX to get that certification as well?

Posted by John Jesus on June 24, 2008 at 10:03 PM PDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

This blog explores some of the security features of Oracle Solaris. In particular, topics such as Role-Based Access Control and Labeled Security are my special interests.

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today
Bookmarks