computing Computing is any goal-oriented activity requiring, benefiting from, or creating computing machinery. It includes the study and experimentation of algorithmic processes, and development of both hardware and software. Computing has scientific, ...

, security-evaluated operating systems have achieved certification from an external security-auditing organization, the most popular evaluations are

Common Criteria The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard ( ISO/ IEC 15408) for computer security certification. It is currently in version 3.1 revision 5. Common Criter ...

(CC) and

FIPS 140-2 The Federal Information Processing Standard Publication 140-2, (FIPS PUB 140-2), is a U.S. government computer security standard used to approve cryptographic modules. The title is ''Security Requirements for Cryptographic Modules''. Initial pu ...

Oracle Solaris

Trusted Solaris Trusted Solaris is a discontinued security-evaluated operating system based on Solaris (operating system), Solaris by Sun Microsystems, featuring a mandatory access control model. Features * Accounting * Role-Based Access Control * Auditing * Devic ...

8 was a security-focused version of the Solaris

Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, a ...

operating system. Aimed primarily at the government computing sector, Trusted Solaris adds detailed auditing of all tasks,

pluggable authentication A pluggable authentication module (PAM) is a mechanism to integrate multiple low-level authentication schemes into a high-level application programming interface (API). PAM allows programs that rely on authentication to be written independently ...

, mandatory

access control In the fields of physical security and information security, access control (AC) is the selective restriction of access to a place or other resource, while access management describes the process. The act of ''accessing'' may mean consuming ...

, additional physical authentication devices, and fine-grained access control(FGAC). Versions of Trusted Solaris through version 8 are

certified. Trusted Solaris Version 8 received the EAL 4 certification level augmented by a number of protection profiles.

BAE Systems' STOP

BAE Systems' STOP version 6.0.E received an EAL4+ in April 2004 and the 6.1.E version received an EAL5+ certification in March 2005. STOP version 6.4 U4 received an EAL5+ certification in July 2008. Versions of STOP prior to STOP 6 have held B3 certifications under

TCSEC Trusted Computer System Evaluation Criteria (TCSEC) is a United States Government Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system. The TC ...

. While STOP 6 is binary compatible with Linux, it does not derive from the

Linux kernel The Linux kernel is a free and open-source, monolithic, modular, multitasking, Unix-like operating system kernel. It was originally authored in 1991 by Linus Torvalds for his i386-based PC, and it was soon adopted as the kernel for the GNU ...

. Se

for an overview of the system.

Red Hat Enterprise Linux

Red Hat Enterprise Linux Red Hat Enterprise Linux (RHEL) is a Commercial software, commercial Open-source software, open-source Linux distribution developed by Red Hat for the commerce, commercial market. Red Hat Enterprise Linux is released in server versions for x86-6 ...

Version 7.1 achieved EAL4+ in October 2016.

Version 6.2 on 32 bit x86 Architecture achieved EAL4+ in December 2014.

Version 6.2 with KVM Virtualization for x86 Architectures achieved EAL4+ in October 2012.

5 achieved EAL4+ in June 2007.

Novell SUSE Linux Enterprise Server

Novell's

SUSE Linux Enterprise Server SUSE Linux Enterprise (often abbreviated to SLE) is a Linux-based operating system developed by SUSE. It is available in two editions, suffixed with Server (SLES) for servers and mainframes, and Desktop (SLED) for workstations and desktop compu ...

15 is certified for IBM Z, Arm and x86-64 at CAPP/ EAL4+ in August 2021. Se

Novell's

9 running on an IBM eServer was certified at CAPP/ EAL4+ in February 2005. Se
News release at heise.de

Microsoft Windows

The following versions of Microsoft Windows have received EAL 4 Augmented ALC_FLR.3 certification: * Windows 2008 Server (64-bit), Enterprise (64-bit) and Datacenter, as well as Windows Vista Enterprise (both 32-bit and 64-bit) attained EAL 4 Augmented (colloquially referred to as EAL 4+) ALC_FLR.3 status i
2009
*

Windows 2000 Windows 2000 is a major release of the Windows NT operating system developed by Microsoft and oriented towards businesses. It was the direct successor to Windows NT 4.0, and was released to manufacturing on December 15, 1999, and was official ...

Server, Advanced Server, and Professional, each with Service Pack 3 and Q326886 Hotfix operating on the x86 platform were certified a
CAPP/EAL 4 Augmented ALC_FLR.3
in October 2002. (This includes standard configurations as Domain Controller, Server in a Domain, Stand-alone Server, Workstation in a Domain, Stand-alone Workstation) *

Windows XP Windows XP is a major release of Microsoft's Windows NT operating system. It was release to manufacturing, released to manufacturing on August 24, 2001, and later to retail on October 25, 2001. It is a direct upgrade to its predecessors, Wind ...

Professional and Embedded editions, with Service Pack 2, and

Windows Server 2003 Windows Server 2003 is the sixth version of Windows Server operating system produced by Microsoft. It is part of the Windows NT family of operating systems and was released to manufacturing on March 28, 2003 and generally available on April 24, ...

Standard and Enterprise editions (32-bit and 64-bit), with Service Pack 1, were al
certified
in December 2005.

Mac OS X

Apple's

Mac OS X macOS (; previously OS X and originally Mac OS X) is a Unix operating system developed and marketed by Apple Inc. since 2001. It is the primary operating system for Apple's Mac computers. Within the market of desktop and lapt ...

and Mac OS X Server running 10.3.6 both with the Common Criteria Tools Package installed were certified at CAPP/ EAL3 in January 2005

Apple's Mac OS X & Mac OS X Server running the latest version 10.4.6 have not yet been fully evaluated however the Common Criteria Tools package is available.

GEMSOS

Gemini Multiprocessing Secure Operating Syste

is a Trusted Computer System Evaluation Criteria, TCSEC A1 system that runs on x86 processor type COTS hardware.

OpenVMS and SEVMS

The SEVMS enhancement to VMS was a CC B1/B3 system formerly of

Digital Equipment Corporation Digital Equipment Corporation (DEC ), using the trademark Digital, was a major American company in the computer industry from the 1960s to the 1990s. The company was co-founded by Ken Olsen and Harlan Anderson in 1957. Olsen was president unti ...

(DEC). A standard OpenVMS installation is rated as CC C2.

Green Hills INTEGRITY-178B

Green Hills Software's INTEGRITY-178B real-time operating system was certified at Common Criteria EAL6+ in September 2008

running on an embedded PowerPC processor on a Compact PCI card.

Unisys MCP

The Burroughs MCP, Unisys MCP operating system includes an implementation of the DoD Orange Book C2 specification, the controlled access protection sub-level of discretionary protection. MCP/AS obtained the C2 rating in August, 1987.

Unisys OS 2200

The Unisys OS 2200 operating system includes an implementation of the DoD Orange Book B1, Labeled security protection level specification. OS 2200 first obtained a successful B1 evaluation in September, 1989. Unisys maintained that evaluation until 1994 through the National Computer Security Center Rating Maintenance Phase (RAMP) of the Trusted Product Evaluation Program.

External links

* Th
common criteria portal's products list
has an "Operating Systems" category containing CC certification results

Notes

References

{{reflist Operating system security Computer security procedures