/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsSANTA CLARA, USA: Sun Microsystems Inc. announced the completion of a significant security benchmark for the Solaris 10 Operating System (OS).
Solaris 10 11/06 with Solaris Trusted Extensions has achieved Common Criteria Certification for the Labeled Security Protection Profile (LSPP) at Evaluation Assurance Level (EAL) 4+, the highest commonly recognized global security certification.
This allows Solaris 10 to be deployed by customers requiring Multi-Level Security (MLS) protection and independent validation of an OS security model, such as financial, healthcare and government institutions.
Solaris 10 11/06 with Solaris Trusted Extensions achieved LSPP at EAL 4+ for both Sun x86/64 and SPARC systems while combining both desktop and server-based functionality. Certification included testing Solaris 10 on a wide range of systems, to most accurately simulate a real-world environment where customers need to view and share data securely in a multi-level manner. This enables security level data, such as files marked “top secret” or “confidential”, to be shared securely among non-label aware systems with heterogeneous connections.
“In deployment environments where system and data security are the chief objectives, customers demand an OS that delivers complete security without compromise. Completion of the Common Criteria Certification for LSPP at EAL 4+ validates Solaris 10 as an unsurpassed OS in terms of security performance, while also delivering the benefits customers have come to expect from Solaris such as reliability, virtualization capabilities, scalability and ease of use,” said Jim McHugh, vice president of marketing for Solaris, Sun Microsystems. “Customers will be pleased to know that Solaris was tested and certified in a dynamic, realistic computing environment on a variety of Sun(TM) x86 and SPARC systems. We feel this is an achievement that virtually no competing OS on the market can match.”
Common Criteria Certification for Solaris 10 11/06 with Trusted Extensions included tests for several additional functions in MLS environments including use of an LDAP-based enterprise directory server and use of network sharing of labeled file systems. With Solaris Containers, Solaris 10 11/06 with Trusted Extensions is also the first OS to complete LSPP using operating system virtualization.
Solaris Containers allow a user to maximize system resources by enabling the creation of many private, labeled execution environments within a single instance of Solaris, running on a single system. Testing also included the first use of a multi-level GNOME-based graphical user interface (GUI), rather than just a command line interface for users.
In addition to certification for the LSPP, Solaris 10 11/06 with Trusted Extensions has previously received Common Criteria Certification for the Controlled Access Protection Profile (CAPP) and Role Based Access Control Protection Profile (RBACPP), both at EAL4+. Common Criteria testing for Solaris 10 for all three profiles was conducted by CGI Information Systems and Management Consultants, Inc., in Ottawa, Canada and independently validated by Canada's Communications Security Establishment (CSE).