News, tips, partners, and perspectives for the Oracle Linux operating system and upstream Linux kernel work

  • April 19, 2018

Oracle Linux 7 enters Common Criteria Evaluation

Scott Lynn
Director of Product Management GraalVM

Before I get into talking about this, a word from Oracle Legal:

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions.  The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle Corporation.

That said, back in November 2017, Oracle Linux 7 has initiated a Common Criteria certification compliant to the US Protection Profile for General Purpose Operating Systems Version 4.1. The CCRA includes 28 countries; any evaluation done in one of the CCRA certifying countries are “mutually recognized.”

Common Criteria is an international framework (ISO/IEC 15408) which defines a common approach for evaluating security features and capabilities of Information Technology security products.

A certified product is one that a recognized Certification Body asserts as having been evaluated by a qualified, accredited, and independent evaluation laboratory competent in the field of IT security evaluation to the requirements of the Common Criteria and Common Methodology for Information Technology Security Evaluation.

The Oracle Linux operating system is an open foundation for the cloud. It is developed and extensively tested with demanding enterprise workloads like Oracle Database as well as many third-party applications in public and private clouds.

While Oracle Linux is open source and includes standard technologies, tools, and features, Oracle extends the release to deliver a complete, integrated, and supported platform for performance-driven production workloads. In addition to the Red Hat Compatible Kernel (RHCK), Oracle supplies the optimized Unbreakable Enterprise Kernel for Oracle Linux(UEK), which was first developed to support highly scalable Oracle Database, applications and Oracle Engineered Systems. Oracle provides flexible and cost-effective Linux support and the updates and software releases are free to download and distribute.

The Oracle Linux 7 evaluation can be viewed on the Swedish Scheme Common Criteria In Process Page until the evaluation completes.

For more information on Oracle’s participation in the Common Criteria program, please visit the main Common Criteria information page.

For a complete list of Oracle products with Common Criteria certifications and FIPS 140-2 validations, please see the Security Evaluations website.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.