atsec information security has completed a Common Criteria (CC) evaluation of Novell/SUSE Linux Enterprise Server 9 (SLES 9) on IBM eServers, which will result in first-time Evaluation Assurance Level 4+ (EAL4+) certification of the enterprise operating system platform.
Austin, TX and Munich, Germany (PRWEB) February 16, 2005 -- atsec information
security has completed a Common Criteria (CC) evaluation of Novell/SUSE Linux
Enterprise Server 9 (SLES 9) on IBM eServers, which will result in first-time
Evaluation Assurance Level 4+ (EAL4+) certification of the enterprise operating
system platform. The anticipated certification will enable SLES 9 to be adopted
by governments and government agencies for mission-critical and
command-and-control operations, and also reinforces to the private sector that
Linux is a secure, tested platform for essential enterprise
The first Linux Common Criteria certification (Novell/SUSE Linux Enterprise Server 8 on the IBM xServer platform) was completed in August 2003 at the EAL2+ level. In the 18 months following initial certification, six additional evaluations have tested versions of Red Hat Linux and Novell/SUSE Linux software on a range of IBM and HP hardware platforms at progressively more secure Common Criteria levels. Gordon McIntosh, Lab Manager of atsec’s Common Criteria Testing Laboratory in Austin, Texas, notes, “No other commercial operating system has had security scrutinized and tested as regularly, on such a large number of hardware platforms, as Linux.”
The scrutiny of Linux will not end with the successful evaluation of SLES 9 on IBM eServers at the EAL4+ level. Vendors continue to demonstrate their firm commitment to secure operating system platforms by pursuing Common Criteria certification of new Linux versions on a full range of current and emerging hardware platforms.
Formal announcement of the successful EAL4+ evaluation completion on SLES 9 was made at the opening of LinuxWorld in Boston on 15 February 2005.
About Common Criteria
The Common Criteria (CC) standard is an internationally-recognized ISO standard (ISO15408) used by the federal government and other organizations to assess security and assurance of information technology products. The CC provides a standardized way of expressing security requirements and defines the respective set of rigorous criteria by which the product will be evaluated. The CC is widely recognized within the IT Security community, IT professionals, government agencies, and customers as the seal of approval for mission-critical software. Under CC, products are evaluated against strict standards for various features, such as the development environment, security functionality, the handling of security vulnerabilities, security related documentation and product testing.
The Common Criteria Controlled Access Protection Profile (CAPP) specifies a set of security functional and assurance requirements for Information Technology (IT) products.
About atsec information security
atsec information security is the leading provider of high-quality information security services. These include laboratory services including product evaluation, as well as general consulting in a wide range of information security areas including Information Security Management Systems (ISMS), risk management, PKI consulting, privacy assessment, and security auditing. atsec information security was founded in 2000 and operates in the U.S. and Europe, including Austin, Munich, Cologne, and Stockholm.
For more information about atsec information security, please visit http://www.atsec.com.
# # #
Source : http://www.prweb.com/releases/2005/2/prweb209172.htm