trusted operating system
{{Short description|Operating system with support for multilevel security}}
Trusted Operating System (TOS) generally refers to an operating system that provides sufficient support for multilevel security and evidence of correctness to meet a particular set of government requirements.
The most common set of criteria for trusted operating system design is the Common Criteria combined with the Security Functional Requirements (SFRs) for Labeled Security Protection Profile (LSPP) and mandatory access control (MAC). The Common Criteria is the result of a multi-year effort by the governments of the U.S., Canada, United Kingdom, France, Germany, the Netherlands and other countriesList of member of the Common Criteria Recognition Arrangement: http://www.commoncriteriaportal.org/ccra/members/ to develop a harmonized security criteria for IT products.
Examples
Examples of certified trusted operating systems are:
- Apple Mac OS X 10.6 (Rated EAL 3+Common Criteria certification report http://www.commoncriteriaportal.org/files/epfiles/0536a_pdf.pdf)
- HP-UX 11i v3 (Rated EAL 4+)
- Some Linux distributions (Rated up to EAL 4+)
- Microsoft Windows 7 and Microsoft Server 2008 R2 (Rated EAL 4+Common Criteria certification report http://www.commoncriteriaportal.org/files/epfiles/st_vid10390-vr.pdf)
- AIX 5L with PitBull Foundation (Rated EAL 4+List of AIX certifications on [https://web.archive.org/web/20081204033521/http://www-03.ibm.com/systems/power/software/aix/certifications/index.html])
- Trusted Solaris
- Trusted UNICOS 8.0 (Rated B1{{Cite web | url=http://www.dsd.gov.au/infosec/epl/index_details.php?product_id=MjE0IyMjMjEzLjIxMy4yNDYuMjE3 |title = Australian Signals Directorate}})
- XTS-400 (Rated EAL5+Common Criteria Certification report http://www.commoncriteriaportal.org/files/epfiles/st_vid10293-vr.pdf)
- IBM VM (SP, BSE, HPO, XA, ESA, etc.) with RACF
Examples of operating systems that might be certifiable are:
- FreeBSD with the TrustedBSD extensionsFreeBSD statement about support of Common Criteria requirements : {{cite web |url=http://www.freebsd.org/doc/en/articles/linux-comparison/freebsd-support.html |title=Support |accessdate=2011-11-19 |url-status=dead |archiveurl=https://web.archive.org/web/20120331193226/http://www.freebsd.org/doc/en/articles/linux-comparison/freebsd-support.html |archivedate=2012-03-31 }}
- SELinux (see [http://www.nsa.gov/research/selinux/faqs.shtml#I12 FAQ])
Companies that have created trusted operating systems include:
- Addamax (BSD, SVR3, SVR4, HP/UX)
- Argus Systems Group (Solaris, AIX, Linux)
- AT&T (System V)
- BAE Systems (XTS Unix)
- Bull (AIX)
- Data General (DG/UX)
- Digital Equipment Corporation (Ultrix)
- Forcepoint (Hardened SELinux)
- Gemini Computers (GEMSOS)
- General Dynamics C4 Systems (Linux)
- Harris Corporation (SVR3, SVR4)
- Hewlett-Packard (HP/UX)
- Honeywell (Multics)
- IBM (OS/390, AIX)
- SCO (SCO Unix)
- Secure Computing Corporation (LOCK, Mach, BSD)
- SecureWare (Apple A/UX, HP/UX, SCO)
- Sequent Computer Systems (Dynix/ptx)
- Silicon Graphics (IRIX)
- Sun Microsystems (SunOS, Solaris)
- Trusted Information Systems (Xenix, Mach)
See also
References
{{reflist}}
External links
- [http://www.commoncriteriaportal.org/products/ Common Criteria Portal - certified products]
- [http://www.nsa.gov/research/selinux/faqs.shtml NSA FAQ on SELinux]
- [http://www.argus-systems.com/ Argus Systems]