Trusted operating system
 | This article needs additional citations for verification. (March 2008) |
Trusted Operating System (TOS) generally refers to an operating system that provides sufficient support for multilevel security and evidence of correctness to meet a particular set of government requirements.
The most common set of criteria for trusted operating system design is the Common Criteria combined with the Security Functional Requirements (SFRs) for Labeled Security Protection Profile(LSPP) and Mandatory Access Control(MAC). The Common Criteria is the result of a multi-year effort by the governments of the U.S., Canada, United Kingdom, France, Germany, and the Netherlands to develop a harmonized security criteria for IT products.
Examples of certified trusted operating systems are:
- Apple Mac OS X 10.6 (Rated EAL 3+[1])
- HP-UX 11i v3 (Rated EAL 4+)
- Some Linux distributions (Rated up to EAL 4+)
- Microsoft Windows 7 and Microsoft Server 2008 R2 (Rated EAL 4+ [2])
- AIX 5L with PitBull Foundation (Rated EAL 4+[3])
- Trusted Solaris
- Trusted UNICOS 8.0 (Rated B1[4])
- XTS-400 (Rated EAL5+[5])
Examples of operating systems that might be certifiable are:
Companies that have created trusted operating systems include:
- Addamax (BSD, SVR3, SVR4, HP/UX)
- Argus Systems Group (Solaris, AIX)
- AT&T (System V)
- Bull (AIX)
- Data General (DG/UX)
- Digital Equipment Corporation (Ultrix)
- Gemini Computers (GEMSOS)
- Harris Corporation (SVR3, SVR4)
- Hewlett-Packard(HP/UX)
- Honeywell (Multics)
- IBM (OS/390, AIX)
- SCO (SCO Unix)
- Secure Computing Corporation (LOCK, Mach, BSD)
- SecureWare (Apple A/UX, HP/UX, SCO)
- Sequent (Dynix/ptx)
- Silicon Graphics (IRIX)
- Sun Microsystems (SunOS, Solaris)
- Trusted Information Systems (Xenix, Mach)
- BAE Systems (XTS Unix)
See also
- Common Criteria
- Comparison of operating systems
- Security-evaluated operating system
- Security-focused operating system
References
- ^ Common Criteria certification report http://www.commoncriteriaportal.org/files/epfiles/0536a_pdf.pdf
- ^ Common Criteria certification report http://www.commoncriteriaportal.org/files/epfiles/st_vid10390-vr.pdf
- ^ List of AIX certifications on http://www-03.ibm.com/systems/power/software/aix/certifications/index.html
- ^ http://www.dsd.gov.au/infosec/epl/index_details.php?product_id=MjE0IyMjMjEzLjIxMy4yNDYuMjE3
- ^ Common Criteria Certification report http://www.commoncriteriaportal.org/files/epfiles/st_vid10293-vr.pdf
- ^ FreeBSD statement about support of Common Criteria requirements : http://www.freebsd.org/doc/en/articles/linux-comparison/freebsd-support.html