Content deleted Content added
nevertheless, it does imply a certain amount of care in its design and due diligence in its testing. |
added public ___domain text from http://niap.nist.gov/cc-scheme/vpl/vpl_vendor.html |
||
Line 1:
Some [[operating system]]s have achieved a certification from an external security auditing organization, such as a B2 or A1 [[TCSEC|CSC-STD-001-83 "Department of Defense Trusted Computer System Evaluation Criteria"]] or [[Common Criteria]] certification.
Note that meeting a given set of evaluation criteria does not make a computer operating system "secure"
Certificates are not endorsements of the "goodness" of an IT product by any organization that recognizes or gives effect to the certificate. A certificate represents the successful completion of a validation that product met CC requirements for which it was evaluated/tested.
== [[Trusted Solaris]] ==
Trusted Solaris is a security-focused version of the [[Solaris Operating Environment|Solaris]] [[Unix]] operating system. Aimed primarily at the government computing sector, Trusted Solaris adds detailed auditing of all tasks, pluggable [[authentication]], mandatory [[access control]], additional physical authentication devices, and fine-grained access control. Versions of Trusted Solaris through version 8 are [[Common Criteria]] certified. See [http://wwws.sun.com/software/security/securitycert/trustedsolaris.html] and [http://wwws.sun.com/software/security/securitycert/images/TSol8_7-03CMS.jpg]
Trusted Solaris Version 8 recieved the EAL4 certification level augmented by a number of protection profiles. See [http://csrc.nist.gov/cc/Documents/CC%20v2.1%20-%20HTML/PART3/PART36.HTM] for explanation of The Evaluation Assurance Levels.
== [[Red Hat Enterprise Linux 3]] ==
Red Hat Enterprise Linux 3 was evaluated at [[EAL 2]] in February 2004. [http://niap.nist.gov/cc-scheme/vpl/vpl_vendor.html]
==
| |||