Evaluation Assurance Level
   HOME
*





Evaluation Assurance Level
The Evaluation Assurance Level (EAL1 through EAL7) of an IT product or system is a numerical grade assigned following the completion of a Common Criteria security evaluation, an international standard in effect since 1999. The increasing assurance levels reflect added assurance requirements that must be met to achieve Common Criteria certification. The intent of the higher levels is to provide higher confidence that the system's principal security features are reliably implemented. The EAL level does not measure the security of the system itself, it simply states at what level the system was tested. To achieve a particular EAL, the computer system must meet specific ''assurance requirements''. Most of these requirements involve design documentation, design analysis, functional testing, or penetration testing. The higher EALs involve more detailed documentation, analysis, and testing than the lower ones. Achieving a higher EAL certification generally costs more money and takes more ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Common Criteria
The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. It is currently in version 3.1 revision 5. Common Criteria is a framework in which computer system users can ''specify'' their security ''functional'' and ''assurance'' requirements (SFRs and SARs respectively) in a Security Target (ST), and may be taken from Protection Profiles (PPs). Vendors can then ''implement '' or make claims about the security attributes of their products, and testing laboratories can ''evaluate'' the products to determine if they actually meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is commensurate with the target environment for use. Common Criteria maintains a list of ce ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Z/VM
z/VM is the current version in IBM's VM family of virtual machine operating systems. z/VM was first released in October 2000 and remains in active use and development . It is directly based on technology and concepts dating back to the 1960s, with IBM's CP/CMS on the IBM System/360-67 (see article History of CP/CMS for historical details). z/VM runs on IBM's IBM Z family of computers. It can be used to support large numbers (thousands) of Linux virtual machines. (See Linux on IBM Z.) On September 16, 2022, IBM released z/VM Version 7.3 which requires z/Architecture, implemented in IBM's EC12, BC12 and later models. See also * z/OS * OpenSolaris for System z * z/TPF * z/VSE * PR/SM * Time-sharing system evolution This article covers the evolution of time-sharing systems, providing links to major early time-sharing operating systems, showing their subsequent evolution. Time-sharing Time-sharing was first proposed in the mid- to late-1950s and first impleme ... References ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Common Criteria Evaluation Costs
Common may refer to: Places * Common, a townland in County Tyrone, Northern Ireland * Boston Common, a central public park in Boston, Massachusetts * Cambridge Common, common land area in Cambridge, Massachusetts * Clapham Common, originally common land, now a park in London, UK * Common Moss, a townland in County Tyrone County Tyrone (; ) is one of the six Counties of Northern Ireland, counties of Northern Ireland, one of the nine counties of Ulster and one of the thirty-two traditional Counties of Ireland, counties of Ireland. It is no longer used as an admini ..., Northern Ireland * Lexington Battle Green, Lexington Common, a common land area in Lexington, Massachusetts * Salem Common Historic District (Salem, Massachusetts), Salem Common Historic District, a common land area in Salem, Massachusetts People * Common (rapper) (born 1972), American hip hop artist, actor, and poet * Andrew Ainslie Common (born 1841), English amateur astronomer * Andrew Common (born 1889), Brit ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Government Accountability Office
The U.S. Government Accountability Office (GAO) is a legislative branch government agency that provides auditing, evaluative, and investigative services for the United States Congress. It is the supreme audit institution of the federal government of the United States. It identifies its core "mission values" as: accountability, integrity, and reliability. It is also known as the "congressional watchdog". Powers of GAO The work of the GAO is done at the request of congressional committees or subcommittees or is mandated by public laws or committee reports. It also undertakes research under the authority of the Comptroller General. It supports congressional oversight by: * auditing agency operations to determine whether federal funds are being spent efficiently and effectively; * investigating allegations of illegal and improper activities; * reporting on how well government programs and policies are meeting their objectives; * performing policy analyses and outlining options for ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  




INTEGRITY-178B
INTEGRITY and INTEGRITY-178B are real-time operating systems (RTOSes) produced and marketed by Green Hills Software. INTEGRITY INTEGRITY is POSIX-certified and intended for use in embedded systems of 32-bits or 64-bit computing, 64-bits. Supported computer architectures include variants of: ARM architecture, ARM, Blackfin, NXP ColdFire, ColdFire, MIPS architecture, MIPS, PowerPC, XScale, and x86. INTEGRITY is supported by popular Transport Layer Security, SSL/TLS libraries such as wolfSSL. INTEGRITY-178B INTEGRITY-178B is the DO-178B–compliant version of INTEGRITY. It is used in several military jets such as the B-2, F-16, F-22, and F-35 Lightning II, F-35, and the commercial aircraft Airbus A380. Its Kernel (operating system), kernel design guarantees bounded computing times by eliminating features such as dynamic memory allocation. The auditing and security engineering abilities have allowed it to obtain the Evaluation Assurance Level (EAL) 6 rating by the National Security ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

IBM System Z
IBM Z is a family name used by IBM for all of its z/Architecture mainframe computers. In July 2017, with another generation of products, the official family was changed to IBM Z from IBM z Systems; the IBM Z family now includes the newest model, the IBM z16, as well as the z15, the z14, and the z13 (released under the IBM z Systems/IBM System z names), the IBM zEnterprise models (in common use the zEC12 and z196), the IBM System z10 models (in common use the z10 EC), the IBM System z9 models (in common use the z9EC) and ''IBM eServer zSeries'' models (in common use refers only to the z900 and z990 generations of mainframe). Architecture The ''zSeries,'' ''zEnterprise,'' ''System z'' and ''IBM Z'' families were named for their availability – ''z'' stands for High availability, zero downtime. The systems are built with spare components capable of hot Failover, failovers to ensure continuous operations. The IBM Z family maintains full backward compatibility. In effect, curren ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


LPAR
A logical partition (LPAR) is a subset of a computer's hardware resources, virtualized as a separate computer. In effect, a physical machine can be partitioned into multiple logical partitions, each hosting a separate instance of an operating system. PR/SM Although the terms ''PR/SM'' and ''LPAR'' are often used interchangeably in IBM Z, including in IBM documentation, ''PR/SM'' was not present in the IBM 370/168's Virtual Machine Facility/370; it came in with the IBM 3090, years later. Formally, LPAR designates the mode of operation or an individual logical partition, whereas PR/SM is the commercial designation of the feature. In mainframe computing PR/SM (Processor Resource/System Manager) is a type-1 Hypervisor (a virtual machine monitor) that allows multiple logical partitions to share physical resources such as CPUs, I/O channels and LAN interfaces; when sharing channels, the LPARs can share I/O devices such as direct access storage devices (DASD). PR/SM is integrate ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Interactive Link
The Interactive Link is a suite of hardware and software products designed for application within areas where network separation is implemented for security reasons. Manufactured and marketed by Tenix Datagate, the Interactive Link hardware products have been evaluated to the highest level under international security criteria with a strong focus on maintaining the confidentiality of the secure network. The technology underlying the products is drawn from Starlight Technology, developed by the Australian Defence Science and Technology Group. History The Interactive Link product suite is a commercialized version of Starlight Technology. This technology, developed as a way to transfer data from a lower classification (Low Side) network to a highly classified (High Side) computer without compromising sensitive information, was formed inside the Australian DSTO as a research project. The technology also allowed users to view and interact on a Low Side network from a High Side comput ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Smart Card
A smart card, chip card, or integrated circuit card (ICC or IC card) is a physical electronic authentication device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) chip. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, and some are both. Smart cards can provide personal identification, authentication, data storage, and application processing. Applications include identification, financial, mobile phones (SIM), public transit, computer security, schools, and healthcare. Smart cards may provide strong security authentication for single sign-on (SSO) within organizations. Numerous nations have deployed smart cards throughout their populations. The universal integrated circuit card, or SIM card, is also a type of smart card. , 10.5billion smart card IC chips are manufactured annually, including 5.44billion SIM card IC chips. Hist ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

VMware ESXi
VMware ESXi (formerly ESX) is an enterprise-class, type-1 hypervisor developed by VMware for deploying and serving virtual computers. As a type-1 hypervisor, ESXi is not a software application that is installed on an operating system (OS); instead, it includes and integrates vital OS components, such as a kernel. After version 4.1 (released in 2010), VMware renamed ESX to ''ESXi''. ESXi replaces Service Console (a rudimentary operating system) with a more closely integrated OS. ESX/ESXi is the primary component in the VMware Infrastructure software suite. The name ''ESX'' originated as an abbreviation of Elastic Sky X. In September 2004, the replacement for ESX was internally called ''VMvisor'', but later changed to ESXi (as the "i" in ESXi stood for "integrated"). Architecture ESX runs on bare metal (without running an operating system) unlike other VMware products. It includes its own kernel. In the historic VMware ESX, a Linux kernel was started first and then used to ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


XTS-400
The XTS-400 is a multilevel secure computer operating system. It is multiuser and multitasking that uses multilevel scheduling in processing data and information. It works in networked environments and supports Gigabit Ethernet and both IPv4 and IPv6. The XTS-400 is a combination of Intel x86 hardware and the Secure Trusted Operating Program (STOP) operating system. XTS-400 was developed by BAE Systems, and originally released as version 6.0 in December 2003. STOP provides ''high-assurance'' security and was the first general-purpose operating system with a Common Criteria assurance level rating of EAL5 or above. The XTS-400 can host, and be trusted to separate, multiple, concurrent data sets, users, and networks at different sensitivity levels. The XTS-400 provides both an ''untrusted'' environment for normal work and a trusted environment for administrative work and for privileged applications. The untrusted environment is similar to traditional Unix environments. It prov ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Solaris 10
Solaris is a proprietary software, proprietary Unix operating system originally developed by Sun Microsystems. After the Acquisition of Sun Microsystems by Oracle Corporation, Sun acquisition by Oracle in 2010, it was renamed Oracle Solaris. Solaris superseded the company's earlier SunOS in 1993, and became known for its scalability, especially on SPARC systems, and for originating many innovative features such as DTrace, ZFS and Time Slider. Solaris supports SPARC and x86-64 workstations and computer server, servers from Oracle and other vendors. Solaris was registered as compliant with the Single UNIX Specification until 29 April 2019. Historically, Solaris was developed as proprietary software. In June 2005, Sun Microsystems released most of the codebase under the CDDL license, and founded the OpenSolaris Open-source software, open-source project. With OpenSolaris, Sun wanted to build a developer and user community around the software. After the acquisition of Sun Microsyste ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]