Oracle Solaris 11.1 Gets Common Criteria Certification

The Oracle Solaris 11.1 operating system achieved a Common Criteria certification on March 18, 2014 at EAL4+  under the Canadian Common Criteria Scheme (CCCS) conformant to the BSI Operating System Protection Profile v2.0 2010-06-01 with the following 4 extended packages.

  1. Advanced Management v2.0, 2010-05-28
  2. Extended identification & Authentication v2.0, 2010-05-28 
  3. Labeled Security v2.0, 2010-05-28
  4. Virtualization v2.0, 2010-05-28 

The evaluation is summarized in the list of certified products. Here is copy of the actual certificate.

This is a major accomplishment which has been over two years in the making. Oracle Solaris 11 was formally accepted into evaluation on January 31, 2012. Unlike previous Solaris evaluations, the Trusted Extensions functionality is included as a standard feature of the OS, as well as Role-Based Access Control and Solaris Zones. In addition the evaluation required FIPS evaluation of the cryptographic modules. The details are included in the Certification Report.

Comments:

With the various tribulations going on behind the scenes around Common Criteria profiles, I wondered whether Solaris' certification process would come out of the limbo it seemed to have gone into - I'm therefore very pleased and relieved to see this announcement, especially as it has Trusted Extensions certified, too :-).

Hearty congratulations to all involved!

Posted by Dave Walker on April 01, 2014 at 04:11 AM PDT #

Hi ,

How to set the common profile to all users in solaris 11.1?

Posted by Venkata Sivareddy on September 02, 2014 at 01:47 AM PDT #

Default profiles that apply to all users can be specified using the PROFS_GRANTED keyword in policy.conf(4). This property takes a list of comma separated profile names.

If you want to exempt specific users from getting the default profiles, you can assign them the Stop profile which ignores the PROFS_GRANTED list.

Posted by Glenn Faden on September 02, 2014 at 08:54 AM PDT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

This blog explores some of the security features of Oracle Solaris. In particular, topics such as Role-Based Access Control and Labeled Security are my special interests.

Search

Categories
Archives
« June 2015
SunMonTueWedThuFriSat
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today
Bookmarks