Red Hat, with help from IBM and Trusted Computing Solutions, plans to put its operating system through the paces of the National Information Assurance Partnership's Common Criteria evaluation program to create the first "trusted" Linux operating system.
Post a Comment
Member since:
2005-07-08
First, there is Trusted Solaris for x86:
http://www.sun.com/software/solaris/trustedsolaris/
And does RedHat intend to certify a GUI as trusted, since Trusted Solaris has Common Desktop Environment certified as Trusted, or is it CLI only?
Member since:2005-07-06
Not sure what you consider wrong in the article since it mentions that in the "past' used to run only on RISC architectures.
An updated version of RHEL 4 targets EAL4 while ongoing efforts in RHEL 5 target the LSPP, CAPP and RBAC profiles which I believe dont include the GUI in a comprehesive way beyond potential visual display of current roles,labels or profile including printing
http://niap.nist.gov/cc-scheme/in_evaluation.html#r
https://www.redhat.com/mailman/listinfo/redhat-lspp
There are independant efforts to do this however that is not tied to the certification process
http://fedoraproject.org/wiki/FC5Future
Hope that helps
Member since:2005-07-08
Member since:---
From TFA: "The big thing here is that it makes Red Hat Enterprise Linux 5 the only other trusted operating system in the world, beyond Trusted Solaris," says Ed Hammersla, chief operating officer of Trusted Computer Solutions, a provider of security software and services. "It's a big milestone in the maturity of Linux."
Even the article blurb doesn't say first "trusted" operating system, but rather first "trusted" linux operating system.
The article is correct.
Member since:---
Member since:2005-07-08
Member since:---
Member since:---
First
SUSE Enterprise 9 was released around Aug 2004, so 18 months is a bit of a stretch 
Second
SEL9 has EAL4+ certification with the CAPP
Thrid
RHEL 5 will be going for EAL4+ certification with the CAPP, LSPP and RBAC
Fourth,
http://informationweek.com did do a pretty bad job of patching this news bit together
Last but not least, get your news from the horses mouth
http://www.trustedcs.com/news/6news6_1_1z.htm
;-)
jlc
Member since:
---
Member since:
---
we should see more of non nsa funded stuff like www.rsbac.org www.adamantix.org
I agree,i would like to add www.grsecurity.net and pax.grsecurity.net
I doubt EAL alone is enough.There should be a penetration certificate also.Features such as advanced encrypting,digital keys,etc add some points to the overal EAL certification but don't prevent a cracker from compromising the server.
Trusted Solaris might be a tough nut to crack but is exorbitant expensive.
Member since:
2005-07-06
Member since:
2005-07-06
this is A very good time , as all the apps that require
"EAL $ and above and or "trusted" status. can now be run on Linux, also means Companys and biz's alike can now get there hands on a "trusted" system for a reasonable price.
altho the Certifcation will be on IBM hardware, which I belive (not sure off) to run a "trusted" app you need to run it on the hardware it was certified on i think, which is good for IBM. 
but, many many comapnys can now get the benifit of a full EAL4_ trusted system for there apps if the need it.
cool
-Nex6
-nex6.blogspot.com
