|
EAL4
The Evaluation Assurance Level (EAL1 through EAL7) of an IT product or system is a numerical grade assigned following the completion of a Common Criteria security evaluation, an international standard in effect since 1999. The increasing assurance levels reflect added assurance requirements that must be met to achieve Common Criteria certification. The intent of the higher levels is to provide higher confidence that the system's principal security features are reliably implemented. The EAL level does not measure the security of the system itself, it simply states at what level the system was tested. To achieve a particular EAL, the computer system must meet specific ''assurance requirements''. Most of these requirements involve design documentation, design analysis, functional testing, or penetration testing. The higher EALs involve more detailed documentation, analysis, and testing than the lower ones. Achieving a higher EAL certification generally costs more money and takes more ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
XTS-400
The XTS-400 is a multilevel secure computer operating system. It is multiuser and multitasking that uses multilevel scheduling in processing data and information. It works in networked environments and supports Gigabit Ethernet and both IPv4 and IPv6. The XTS-400 is a combination of Intel x86 hardware and the Secure Trusted Operating Program (STOP) operating system. XTS-400 was developed by BAE Systems, and originally released as version 6.0 in December 2003. STOP provides ''high-assurance'' security and was the first general-purpose operating system with a Common Criteria assurance level rating of EAL5 or above. The XTS-400 can host, and be trusted to separate, multiple, concurrent data sets, users, and networks at different sensitivity levels. The XTS-400 provides both an ''untrusted'' environment for normal work and a trusted environment for administrative work and for privileged applications. The untrusted environment is similar to traditional Unix environments. It prov ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Common Criteria
The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. It is currently in version 3.1 revision 5. Common Criteria is a framework in which computer system users can ''specify'' their security ''functional'' and ''assurance'' requirements (SFRs and SARs respectively) in a Security Target (ST), and may be taken from Protection Profiles (PPs). Vendors can then ''implement '' or make claims about the security attributes of their products, and testing laboratories can ''evaluate'' the products to determine if they actually meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is commensurate with the target environment for use. Common Criteria maintains a list of ce ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Multilevel Security
Multilevel security or multiple levels of security (MLS) is the application of a computer system to process information with incompatible classifications (i.e., at different security levels), permit access by users with different security clearances and needs-to-know, and prevent users from obtaining access to information for which they lack authorization. There are two contexts for the use of multilevel security. One is to refer to a system that is adequate to protect itself from subversion and has robust mechanisms to separate information domains, that is, trustworthy. Another context is to refer to an application of a computer that will require the computer to be strong enough to protect itself from subversion and possess adequate mechanisms to separate information domains, that is, a system we must trust. This distinction is important because systems that need to be trusted are not necessarily trustworthy. Trusted operating systems An MLS operating environment often requ ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
IBM System Z
IBM Z is a family name used by IBM for all of its z/Architecture mainframe computers. In July 2017, with another generation of products, the official family was changed to IBM Z from IBM z Systems; the IBM Z family now includes the newest model, the IBM z16, as well as the z15, the z14, and the z13 (released under the IBM z Systems/IBM System z names), the IBM zEnterprise models (in common use the zEC12 and z196), the IBM System z10 models (in common use the z10 EC), the IBM System z9 models (in common use the z9EC) and ''IBM eServer zSeries'' models (in common use refers only to the z900 and z990 generations of mainframe). Architecture The ''zSeries,'' ''zEnterprise,'' ''System z'' and ''IBM Z'' families were named for their availability – ''z'' stands for High availability, zero downtime. The systems are built with spare components capable of hot Failover, failovers to ensure continuous operations. The IBM Z family maintains full backward compatibility. In effect, curren ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Trusted Solaris
Trusted Solaris is a discontinued security-evaluated operating system based on Solaris (operating system), Solaris by Sun Microsystems, featuring a mandatory access control model. Features * Accounting * Role-Based Access Control * Auditing * Device allocation * Mandatory access control (MAC) labeling Certification Trusted Solaris 8 is Common Criteria certified at Evaluation Assurance Level EAL4+ against the CAPP, RBACPP, and LSPP protection profiles. It is the basis for the DoDIIS Trusted Workstation program. Solaris Trusted Extensions Features that were previously only available in Trusted Solaris, such as fine-grained privileges, are now part of the standard Solaris release. In the Solaris 10 11/06 update a new component called Solaris Trusted Extensions was introduced, making it no longer necessary to have a different release with a modified kernel for labeled security environments. Solaris Trusted Extensions is an OpenSolaris project. Solaris Trusted Extensions, when enabled ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Windows Vista
Windows Vista is a major release of the Windows NT operating system developed by Microsoft. It was the direct successor to Windows XP, which was released five years before, at the time being the longest time span between successive releases of Microsoft Windows desktop operating systems. Software release life cycle#Release to manufacturing (RTM), Development was completed on November 8, 2006, and over the following three months, it was released in stages to computer hardware and software manufacturers, business customers and retail channels. On January 30, 2007, it was released internationally and was made available for purchase and download from the Windows Marketplace; it is the first release of Windows to be made available through a digital distribution platform. Features new to Windows Vista, New features of Windows Vista include an updated graphical user interface and Skin (computing), visual style dubbed Windows Aero, Aero, a new search component called Windows Search, red ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Z/VM
z/VM is the current version in IBM's VM family of virtual machine operating systems. z/VM was first released in October 2000 and remains in active use and development . It is directly based on technology and concepts dating back to the 1960s, with IBM's CP/CMS on the IBM System/360-67 (see article History of CP/CMS for historical details). z/VM runs on IBM's IBM Z family of computers. It can be used to support large numbers (thousands) of Linux virtual machines. (See Linux on IBM Z.) On September 16, 2022, IBM released z/VM Version 7.3 which requires z/Architecture, implemented in IBM's EC12, BC12 and later models. See also * z/OS * OpenSolaris for System z * z/TPF * z/VSE * PR/SM * Time-sharing system evolution This article covers the evolution of time-sharing systems, providing links to major early time-sharing operating systems, showing their subsequent evolution. Time-sharing Time-sharing was first proposed in the mid- to late-1950s and first impleme ... References ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Common Criteria Evaluation Costs
Common may refer to: Places * Common, a townland in County Tyrone, Northern Ireland * Boston Common, a central public park in Boston, Massachusetts * Cambridge Common, common land area in Cambridge, Massachusetts * Clapham Common, originally common land, now a park in London, UK * Common Moss, a townland in County Tyrone County Tyrone (; ) is one of the six Counties of Northern Ireland, counties of Northern Ireland, one of the nine counties of Ulster and one of the thirty-two traditional Counties of Ireland, counties of Ireland. It is no longer used as an admini ..., Northern Ireland * Lexington Battle Green, Lexington Common, a common land area in Lexington, Massachusetts * Salem Common Historic District (Salem, Massachusetts), Salem Common Historic District, a common land area in Salem, Massachusetts People * Common (rapper) (born 1972), American hip hop artist, actor, and poet * Andrew Ainslie Common (born 1841), English amateur astronomer * Andrew Common (born 1889), Brit ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Government Accountability Office
The U.S. Government Accountability Office (GAO) is a legislative branch government agency that provides auditing, evaluative, and investigative services for the United States Congress. It is the supreme audit institution of the federal government of the United States. It identifies its core "mission values" as: accountability, integrity, and reliability. It is also known as the "congressional watchdog". Powers of GAO The work of the GAO is done at the request of congressional committees or subcommittees or is mandated by public laws or committee reports. It also undertakes research under the authority of the Comptroller General. It supports congressional oversight by: * auditing agency operations to determine whether federal funds are being spent efficiently and effectively; * investigating allegations of illegal and improper activities; * reporting on how well government programs and policies are meeting their objectives; * performing policy analyses and outlining options for ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
INTEGRITY-178B
INTEGRITY and INTEGRITY-178B are real-time operating systems (RTOSes) produced and marketed by Green Hills Software. INTEGRITY INTEGRITY is POSIX-certified and intended for use in embedded systems of 32-bits or 64-bit computing, 64-bits. Supported computer architectures include variants of: ARM architecture, ARM, Blackfin, NXP ColdFire, ColdFire, MIPS architecture, MIPS, PowerPC, XScale, and x86. INTEGRITY is supported by popular Transport Layer Security, SSL/TLS libraries such as wolfSSL. INTEGRITY-178B INTEGRITY-178B is the DO-178B–compliant version of INTEGRITY. It is used in several military jets such as the B-2, F-16, F-22, and F-35 Lightning II, F-35, and the commercial aircraft Airbus A380. Its Kernel (operating system), kernel design guarantees bounded computing times by eliminating features such as dynamic memory allocation. The auditing and security engineering abilities have allowed it to obtain the Evaluation Assurance Level (EAL) 6 rating by the National Security ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
LPAR
A logical partition (LPAR) is a subset of a computer's hardware resources, virtualized as a separate computer. In effect, a physical machine can be partitioned into multiple logical partitions, each hosting a separate instance of an operating system. PR/SM Although the terms ''PR/SM'' and ''LPAR'' are often used interchangeably in IBM Z, including in IBM documentation, ''PR/SM'' was not present in the IBM 370/168's Virtual Machine Facility/370; it came in with the IBM 3090, years later. Formally, LPAR designates the mode of operation or an individual logical partition, whereas PR/SM is the commercial designation of the feature. In mainframe computing PR/SM (Processor Resource/System Manager) is a type-1 Hypervisor (a virtual machine monitor) that allows multiple logical partitions to share physical resources such as CPUs, I/O channels and LAN interfaces; when sharing channels, the LPARs can share I/O devices such as direct access storage devices (DASD). PR/SM is integrate ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Interactive Link
The Interactive Link is a suite of hardware and software products designed for application within areas where network separation is implemented for security reasons. Manufactured and marketed by Tenix Datagate, the Interactive Link hardware products have been evaluated to the highest level under international security criteria with a strong focus on maintaining the confidentiality of the secure network. The technology underlying the products is drawn from Starlight Technology, developed by the Australian Defence Science and Technology Group. History The Interactive Link product suite is a commercialized version of Starlight Technology. This technology, developed as a way to transfer data from a lower classification (Low Side) network to a highly classified (High Side) computer without compromising sensitive information, was formed inside the Australian DSTO as a research project. The technology also allowed users to view and interact on a Low Side network from a High Side comput ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
