security-evaluated operating system

Trusted Solaris 8 was a security-focused version of the Solaris Unix operating system. Aimed primarily at the government computing sector, Trusted Solaris adds detailed auditing of all tasks, pluggable authentication, mandatory access control, additional physical authentication devices, and fine-grained access control(FGAC). Versions of Trusted Solaris through version 8 are Common Criteria certified.{{Cite web |last=Fischer |first=PJ |date=30 March 2004 |title=CESG INFORMATION ASSURANCE AND CERTIFICATION SERVICES |url=http://www.sun.com/software/security/securitycert/images/TSol8_7-03CMS.jpg |url-status=usurped |archive-url=https://web.archive.org/web/20070312070621/http://www.sun.com/software/security/securitycert/images/TSol8_7-03CMS.jpg |archive-date=12 March 2007}}{{Cite web |date=2004-10-13 |title=Sun Common Criteria Certification |url=http://wwws.sun.com/software/security/securitycert/trustedsolaris.html |archive-url=https://web.archive.org/web/20041013000439/http://wwws.sun.com/software/security/securitycert/trustedsolaris.html |archive-date=13 October 2004 |access-date=2023-02-17 |website=Sun Microsystems}}

Trusted Solaris Version 8 received the EAL 4 certification level augmented by a number of protection profiles. {{r|g=nb|r=See [https://web.archive.org/web/20040621163731/http://csrc.nist.gov/cc/Documents/CC%20v2.1%20-%20HTML/PART3/PART36.HTM 6 Evaluation assurance levels] for explanation of The Evaluation Assurance Levels.}}

BAE Systems' STOP version 6.0.E received an EAL4+ in April 2004 and the 6.1.E version received an EAL5+ certification in March 2005. STOP version 6.4 U4 received an EAL5+ certification in July 2008. Versions of STOP prior to STOP 6 have held B3 certifications under TCSEC. While STOP 6 is binary compatible with Linux, it does not derive from the Linux kernel. See for an overview of the system.{{Cite web |url=https://www.baesystems.com/ProductsServices/bae_prod_csit_xts400.html |access-date=2024-03-01 |website=www.baesystems.com}}

Red Hat Enterprise Linux Version 7.1 achieved EAL4+ in October 2016.{{Cite web|title=Red Hat Achieves Common Criteria Security Certification for Red Hat Enterprise Linux 7|url=https://www.redhat.com/en/about/press-releases/red-hat-achieves-common-criteria-security-certification-red-hat-enterprise-linux-7|access-date=2023-02-17|website=www.redhat.com|date=26 October 2016 |language=en}}

Red Hat Enterprise Linux Version 6.2 on 32 bit x86 Architecture achieved EAL4+ in December 2014.{{Cite report |url=https://www.commoncriteriaportal.org/files/epfiles/0924a_pdf.pdf |title=Certification Report BSI-DSZ-CC-0924-2014 for Red Hat Enterprise Linux on 32 bit x86 Architecture, Version 6.2 from Red Hat, Inc. |last=Weber |first=Joachim |date=28 May 2010 }}

Red Hat Enterprise Linux Version 6.2 with KVM Virtualization for x86 Architectures achieved EAL4+ in October 2012.{{Cite report |url=https://www.commoncriteriaportal.org/files/epfiles/0754a_pdf.pdf |title=Cerfification Report BSI-DSZ-CC-0754-2012 for Red Hat Enterprise Linux, Version 6.2 with KVM Virtualization for x86 Architectures from Red Hat, Inc. |last=Kowalski |first=Bernd |date=23 October 2012 |publisher=Federal Office for Information Security}}

Red Hat Enterprise Linux 5 achieved EAL4+ in June 2007.{{cite web |url=http://www.niap-ccevs.org/cc-scheme/st/?vid=10165 |url-status=dead |archive-url=https://web.archive.org/web/20071214060630/http://www.niap-ccevs.org/cc%2Dscheme/st/?vid=10165 |archive-date=2007-12-14 |title=CCEVS: Validated Product - Red Hat Enterprise Linux Version 5}}{{cite web |url=http://www.niap-ccevs.org/cc-scheme/st/index.cfm/vid/10125 |title = NIAP}}

Novell's SUSE Linux Enterprise Server 15 is certified for IBM Z, Arm and x86-64 at CAPP/EAL4+ in August 2021. See.{{Cite web |title=SUSE Linux Enterprise Earns Common Criteria EAL 4+,... |url=https://www.suse.com/news/SUSE-Linux-Enterprise-Earns-Common-Criteria-Certification/ |access-date=2024-03-01 |website=www.suse.com |language=en}}

Novell's SUSE Linux Enterprise Server 9 running on an IBM eServer was certified at CAPP/EAL4+ in February 2005. See [https://web.archive.org/web/20050221071252/http://www.heise.de/english/newsticker/news/56451 News release at heise.de].

The following versions of Microsoft Windows have received EAL 4 Augmented ALC_FLR.3 certification:

• Windows 2008 Server (64-bit), Enterprise (64-bit) and Datacenter, as well as Windows Vista Enterprise (both 32-bit and 64-bit) attained EAL 4 Augmented (colloquially referred to as EAL 4+) ALC_FLR.3 status in [http://www.commoncriteriaportal.org/files/epfiles/st_vid10291-st.pdf 2009].
• Windows 2000 Server, Advanced Server, and Professional, each with Service Pack 3 and Q326886 Hotfix operating on the x86 platform were certified as [https://web.archive.org/web/20041211111405/http://niap.nist.gov/cc-scheme/st/ST_VID4002-VR.pdf CAPP/EAL 4 Augmented ALC_FLR.3] in October 2002. (This includes standard configurations as Domain Controller, Server in a Domain, Stand-alone Server, Workstation in a Domain, Stand-alone Workstation)
• Windows XP Professional and Embedded editions, with Service Pack 2, and Windows Server 2003 Standard and Enterprise editions (32-bit and 64-bit), with Service Pack 1, were all [http://www.microsoft.com/presspass/press/2005/dec05/12-14CommonCriteriaPR.mspx certified] in December 2005.

Apple's Mac OS X and Mac OS X Server running 10.3.6 both with the Common Criteria Tools Package installed were certified at CAPP/EAL3 in January 2005. [https://web.archive.org/web/20060715032340/http://niap.nist.gov/cc-scheme/vpl/vpl_type.html#operatingsystem]

Apple's Mac OS X & Mac OS X Server running the latest version 10.4.6 have not yet been fully evaluated however the Common Criteria Tools package is available.{{cite web |url=https://www.apple.com/support/downloads/commoncriteriatoolsfor104.html |title=Apple - Support - Downloads - Common Criteria Tools for 10.4 |website=www.apple.com |url-status=dead |archive-url=https://web.archive.org/web/20050503222757/http://www.apple.com/support/downloads/commoncriteriatoolsfor104.html |archive-date=2005-05-03}}

Some{{which|date=April 2025}} versions of Gemini Multiprocessing Secure Operating System [http://www.aesec.com/]{{primary source inline|date=April 2025}} were qualified as a TCSEC A1 system. GEMSOS runs on x86 processor type COTS hardware.

The SEVMS {{cite web|url= http://h71000.www7.hp.com/openvms/products/sevms/|title=Security Enhanced VMS (SEVMS) |archive-url= https://web.archive.org/web/20151119105617/http://h71000.www7.hp.com/openvms/products/sevms/|archive-date=2015-11-19|website=Hewlett Packard}} enhancement to VMS was a CC B1/B3{{Cite web |url=http://www.decus.de/slides/sy2000/Vortraege_2803/1M01.PDF |title=OpenVMS security presentation |access-date=2006-06-16 |archive-date=2007-10-24 |archive-url=https://web.archive.org/web/20071024112653/http://www.decus.de/slides/sy2000/Vortraege_2803/1M01.PDF |url-status=dead }} system formerly of Digital Equipment Corporation (DEC). A standard OpenVMS installation is rated as CC C2.National Computer Security Center (NCSC) Trusted Product Evaluation List (TPEL)

Green Hills Software's INTEGRITY-178B real-time operating system was certified at Common Criteria EAL6+ in September 2008, [http://www.niap-ccevs.org/st/vid10119/] running on an embedded PowerPC processor on a Compact PCI card.

The Unisys MCP operating system includes an implementation of the DoD Orange Book C2 specification, the controlled access protection sub-level of discretionary protection. MCP/AS obtained the C2 rating in August, 1987.{{cite book|publisher= National Computer Security Center|date=September 27, 1989|title= Final Evaluation Report of Unisys Corporation A Series MCP/AS Release 3.7 (CSC-EPL-87/003, Library No. S228,515)|location=Fort George G. Meade, MD|url= http://apps.dtic.mil/dtic/tr/fulltext/u2/a208007.pdf|archive-url= https://web.archive.org/web/20160304060308/http://www.dtic.mil/dtic/tr/fulltext/u2/a208007.pdf|url-status= live|archive-date= March 4, 2016}}

The Unisys OS 2200 operating system includes an implementation of the DoD Orange Book B1, Labeled security protection level specification.{{cite book|publisher=National Security Institute|year=1985|title=Department of Defense Trusted Computer System Evaluation Criteria (NSI 5200.28-STD)|url=http://nsi.org/Library/Compsec/orangebo.txt|access-date=2015-06-03|archive-date=2009-06-25|archive-url=https://web.archive.org/web/20090625195703/http://nsi.org/Library/Compsec/orangebo.txt|url-status=dead}} OS 2200 first obtained a successful B1 evaluation in September, 1989.{{cite book|publisher= National Computer Security Center|date=September 27, 1989|title= Final Evaluation Report of Unisys Corporation OS 1100 (CSC-EPL-89/004, Library No. S33,122)|location=Fort George G. Meade, MD|url= http://apps.dtic.mil/dtic/tr/fulltext/u2/a234058.pdf|archive-url= https://web.archive.org/web/20170224183457/http://www.dtic.mil/dtic/tr/fulltext/u2/a234058.pdf|url-status= live|archive-date= February 24, 2017}}

Unisys maintained that evaluation until 1994 through the National Computer Security Center Rating Maintenance Phase (RAMP) of the Trusted Product Evaluation Program.{{cite book|publisher= National Computer Security Center|date=July 26, 1994|title= Final Evaluation Report Unisys Corporation OS 1100/2200 (CSC-EPL-76/999, Library No. S225,nnn)|location=Fort George G. Meade, MD}}{{cite book|publisher= National Computer Security Center|date= 23 June 1989|title= Rating Maintenance Phase Program Document (NCSC-TG-013-89, Library No. S-232,468)|location= Fort George G. Meade, MD|url= http://securityv.isu.edu/isl/ncsctg13.html|access-date= 3 June 2015|archive-date= 5 March 2016|archive-url= https://web.archive.org/web/20160305072750/http://securityv.isu.edu/isl/ncsctg13.html|url-status= dead}}

• Comparison of operating systems
• Security-focused operating system
• Trusted operating system

{{reflist|group = nb}}

• The [https://www.commoncriteriaportal.org/products/ common criteria portal's products list] has an "Operating Systems" category containing CC certification results

{{reflist}}

Category:Operating system security

Category:Computer security procedures