词条 | Security-evaluated operating system |
释义 |
In computing, security-evaluated operating systems have achieved certification from an external security-auditing organization, the most popular evaluations are Common Criteria (CC) and FIPS 140-2. Oracle SolarisTrusted Solaris 8 was a security-focused version of the Solaris Unix operating system. Aimed primarily at the government computing sector, Trusted Solaris adds detailed auditing of all tasks, pluggable authentication, mandatory access control, additional physical authentication devices, and fine-grained access control(FGAC). Versions of Trusted Solaris through version 8 are Common Criteria certified. See [https://web.archive.org/web/20041013000439/http://wwws.sun.com/software/security/securitycert/trustedsolaris.html] andTrusted Solaris Version 8 received the EAL4 certification level augmented by a number of protection profiles. See [https://web.archive.org/web/20040621163731/http://csrc.nist.gov/cc/Documents/CC%20v2.1%20-%20HTML/PART3/PART36.HTM] for explanation of The Evaluation Assurance Levels. BAE Systems' STOPBAE Systems' STOP version 6.0.E received an EAL4+ in April 2004 and the 6.1.E version received an EAL5+ certification in March 2005. STOP version 6.4 U4 received an EAL5+ certification in July 2008. Versions of STOP prior to STOP 6 have held B3 certifications under TCSEC. While STOP 6 is binary compatible with Linux, it does not derive from the Linux kernel. See for an overview of the system. Red Hat Enterprise Linux 5Red Hat Enterprise Linux 5 achieved EAL4+ in June 2007.[1][2]Red Hat Enterprise Linux 6Red Hat Enterprise Linux Version 6.2 on 32 bit x86 Architecture achieved EAL4+ in December 2014.[3]Red Hat Enterprise Linux Version 6.2 with KVM Virtualization for x86 Architectures achieved EAL4+ in October 2012.[4]Novell SUSE Linux Enterprise ServerNovell's SUSE Linux Enterprise Server 9 running on an IBM eServer was certified at CAPP/EAL4+ in February 2005. See [https://web.archive.org/web/20050221071252/http://www.heise.de/english/newsticker/news/56451 News release at heise.de] Microsoft WindowsThe following versions of Microsoft Windows have received EAL 4 Augmented ALC_FLR.3 certification:
Mac OS XApple's Mac OS X and Mac OS X Server running 10.3.6 both with the Common Criteria Tools Package installed were certified at CAPP/EAL3 in January 2005. [https://web.archive.org/web/20060715032340/http://niap.nist.gov/cc-scheme/vpl/vpl_type.html#operatingsystem] Apple's Mac OS X & Mac OS X Server running the latest version 10.4.6 have not yet been fully evaluated however the Common Criteria Tools package is available.[5] GEMSOSGemini Multiprocessing Secure Operating System is a TCSEC A1 system that runs on x86 processor type COTS hardware. HP OpenVMS and SEVMSThe SEVMS [6] enhancement to VMS is a CC B1/B3[7] system formerly of Digital Equipment Corporation (DEC) later Compaq, {{as of | 2008 | alt = now}} Hewlett-Packard (HP).[8] Green Hills INTEGRITY-178BGreen Hills Software's INTEGRITY-178B real-time operating system was certified at Common Criteria EAL6+ in September 2008. running on an embedded PowerPC processor on a Compact PCI card. Unisys MCPThe Unisys MCP operating system includes an implementation of the DoD Orange Book C2 specification, the controlled access protection sub-level of discretionary protection.[9] MCP/AS obtained the C2 rating in August, 1987.[9] Unisys OS 2200The Unisys OS 2200 operating system includes an implementation of the DoD Orange Book B1, Labeled security protection level specification.[10] OS 2200 first obtained a successful B1 evaluation in September, 1989.[11] Unisys maintained that evaluation until 1994 through the National Computer Security Center Rating Maintenance Phase (RAMP) of the Trusted Product Evaluation Program.[12][13] See also
External links
References1. ^http://www.niap-ccevs.org/cc-scheme/st/?vid=10165 2. ^http://www.niap-ccevs.org/cc-scheme/st/index.cfm/vid/10125 3. ^https://www.commoncriteriaportal.org/files/epfiles/0924a_pdf.pdf 4. ^https://www.commoncriteriaportal.org/files/epfiles/0754a_pdf.pdf 5. ^https://www.apple.com/support/downloads/commoncriteriatoolsfor104.html 6. ^http://h71000.www7.hp.com/openvms/products/sevms/ 7. ^OpenVMS security presentation 8. ^http://citeseer.ist.psu.edu/428108.html 9. ^{{cite book|publisher= National Computer Security Center|date=September 27, 1989|title= Final Evaluation Report of Unisys Corporation A Series MCP/AS Release 3.7 (CSC-EPL-87/003, Library No. S228,515)|publication-place=9800 Savage Road, Fort George G. Meade, Maryland 20755-6000|url= http://www.dtic.mil/dtic/tr/fulltext/u2/a208007.pdf}} 10. ^1 {{cite book|publisher=National Security Institute|year=1985|title=Department of Defense Trusted Computer System Evaluation Criteria (NSI 5200.28-STD)|url=http://nsi.org/Library/Compsec/orangebo.txt}} 11. ^{{cite book|publisher= National Computer Security Center|date=September 27, 1989|title= Final Evaluation Report of Unisys Corporation OS 1100 (CSC-EPL-89/004, Library No. S33,122)|publication-place=9800 Savage Road, Fort George G. Meade, Maryland 20755-6000|url= http://www.dtic.mil/dtic/tr/fulltext/u2/a234058.pdf}} 12. ^{{cite book|publisher= National Computer Security Center|date=July 26, 1994|title= Final Evaluation Report Unisys Corporation OS 1100/2200 (CSC-EPL-76/999, Library No. S225,nnn)|publication-place=9800 Savage Road, Fort George G. Meade, Maryland 20755-6000}} 13. ^{{cite book|publisher= National Computer Security Center|date=23 June 1989|title= Rating Maintenance Phase Program Document (NCSC-TG-013-89, Library No. S-232,468)|publication-place=9800 Savage Road, Fort George G. Meade, Maryland 20755-6000|url= http://securityv.isu.edu/isl/ncsctg13.html}} 2 : Operating system security|Computer security procedures |
随便看 |
|
开放百科全书收录14589846条英语、德语、日语等多语种百科知识,基本涵盖了大多数领域的百科知识,是一部内容自由、开放的电子版国际百科全书。