|
|
Rubrik: World-wide News/Products & News Solaris
10 Achieves Most Complete Global Security Certification for x86 and SPARC Solaris
10 11/06 with Trusted Extensions Combines Real World Deployability and
Virtualization With Common Criteria Certification for LSPP at EAL 4+ (29.07.08)
- Sun Microsystems announced the completion of a significant security
benchmark for the "Solaris 10" Operating System (OS). Solaris 10
11/06 with Solaris Trusted Extensions has achieved Common Criteria
Certification for the Labeled Security Protection Profile (LSPP) at
Evaluation Assurance Level (EAL) 4+, the highest commonly recognized global
security certification. This allows Solaris 10 to be deployed by customers
requiring Multi-Level Security (MLS) protection and independent validation of
an OS security model - such as financial, healthcare and government
institutions.
Anzeige
Solaris
10 11/06 with Solaris Trusted Extensions achieved LSPP at EAL 4+ for both Sun
x86/64 and SPARC systems while combining both desktop and server-based
functionality. Certification included testing Solaris 10 on a wide range of
systems, to most accurately simulate a real-world environment where customers
need to view and share data securely in a multi-level manner. This enables
security level data, such as files marked "top secret" or
"confidential", to be shared securely among non-label aware systems
with heterogeneous connections. "In
deployment environments where system and data security are the chief objectives,
customers demand an OS that delivers complete security without compromise.
Completion of the Common Criteria Certification for LSPP at EAL 4+ validates
Solaris 10 as an unsurpassed OS in terms of security performance, while also
delivering the benefits customers have come to expect from Solaris such as
reliability, virtualization capabilities, scalability and ease of use,"
said Jim McHugh, vice president of marketing for Solaris, Sun Microsystems.
"Customers will be pleased to know that Solaris was tested and certified
in a dynamic, realistic computing environment on a variety of Sun x86 and
SPARC systems. We feel this is an achievement that virtually no competing OS
on the market can match." Common
Criteria Certification for Solaris 10 11/06 with Trusted Extensions included
tests for several additional functions in MLS environments including use of
an LDAP-based enterprise directory server and use of network sharing of
labeled file systems. With Solaris Containers, Solaris 10 11/06 with Trusted
Extensions is also the first OS to complete LSPP using operating system
virtualization. Solaris Containers allow a user to maximize system resources
by enabling the creation of many private, labeled execution environments
within a single instance of Solaris, running on a single system. Testing also
included the first use of a multi-level GNOME-based graphical user interface
(GUI), rather than just a command line interface for users. In
addition to certification for the LSPP, Solaris 10 11/06 with Trusted
Extensions has previously received Common Criteria Certification for the
Controlled Access Protection Profile (CAPP) and Role Based Access Control
Protection Profile (RBACPP), both at EAL4+. Common Criteria testing for
Solaris 10 for all three profiles was conducted by CGI Information Systems
and Management Consultants, Inc., in About Solaris Trusted Extensions Solaris
Trusted Extensions is a mandatory access control extension to the proven
Solaris 10 security model. It utilizes User and Process Rights Management,
Solaris Containers, file systems, and networking without requiring a new or
separate kernel and doesn't require ISVs to requalify their applications to
run them with sensitivity labels. Because it's an extension to the Solaris 10
OS security policy, Solaris Trusted Extensions technology is flexible and
quick to deploy: a user can add new applications, new users, and more, very
quickly, without extensive analysis of each application - and without the
need to write complex, error-prone security policies. (Sun: ra) |
||
|
