Solaris 10 Achieves Most Complete Global Security Certification for x86 and SPARC Systems : Solaris 10 11/06 with Trusted Extensions Combines Real World Deployability and Virtualization With Common Criteria Certification for LSPP at EAL 4+

Share Article

Sun Microsystems, Inc. (NASDAQ:JAVA) today announced the completion of a significant security benchmark for the Solaris (TM) 10 Operating System (OS). Solaris 10 11/06 with Solaris(TM) Trusted Extensions has achieved Common Criteria Certification for the Labeled Security Protection Profile (LSPP) at Evaluation Assurance Level (EAL) 4+, the highest commonly recognized global security certification. This allows Solaris 10 to be deployed by customers requiring Multi-Level Security (MLS) protection and independent validation of an OS security model - such as financial, healthcare and government institutions. More information and downloads of Solaris 10 are available at http://www.sun.com/solaris/10.

News Image
Customers will be pleased to know that Solaris was tested and certified in a dynamic, realistic computing environment on a variety of Sun(TM) x86 and SPARC systems. We feel this is an achievement that virtually no competing OS on the market can match.

Solaris 10 11/06 with Solaris Trusted Extensions achieved LSPP at EAL 4+ for both Sun(TM) x86/64 and SPARC(R) systems while combining both desktop and server-based functionality. Certification included testing Solaris 10 on a wide range of systems, to most accurately simulate a real-world environment where customers need to view and share data securely in a multi-level manner. This enables security level data, such as files marked "top secret" or "confidential", to be shared securely among non-label aware systems with heterogeneous connections.

"In deployment environments where system and data security are the chief objectives, customers demand an OS that delivers complete security without compromise. Completion of the Common Criteria Certification for LSPP at EAL 4+ validates Solaris 10 as an unsurpassed OS in terms of security performance, while also delivering the benefits customers have come to expect from Solaris such as reliability, virtualization capabilities, scalability and ease of use," said Jim McHugh, vice president of marketing for Solaris, Sun Microsystems. "Customers will be pleased to know that Solaris was tested and certified in a dynamic, realistic computing environment on a variety of Sun(TM) x86 and SPARC systems. We feel this is an achievement that virtually no competing OS on the market can match."

Common Criteria Certification for Solaris 10 11/06 with Trusted Extensions included tests for several additional functions in MLS environments including use of an LDAP-based enterprise directory server and use of network sharing of labeled file systems. With Solaris(TM) Containers, Solaris 10 11/06 with Trusted Extensions is also the first OS to complete LSPP using operating system virtualization. Solaris Containers allow a user to maximize system resources by enabling the creation of many private, labeled execution environments within a single instance of Solaris, running on a single system. Testing also included the first use of a multi-level GNOME-based graphical user interface (GUI), rather than just a command line interface for users.

In addition to certification for the LSPP, Solaris 10 11/06 with Trusted Extensions has previously received Common Criteria Certification for the Controlled Access Protection Profile (CAPP) and Role Based Access Control Protection Profile (RBACPP), both at EAL4+. Common Criteria testing for Solaris 10 for all three profiles was conducted by CGI Information Systems and Management Consultants, Inc., in Ottawa, Canada and independently validated by Canada's Communications Security Establishment (CSE). A complete list of Solaris OS versions certified by CSE is available at http://www.cse-cst.gc.ca/services/ccs/solaris10ext-e.html. More information on the security features of Solaris 10, including Solaris security certification, can be found at http://www.sun.com/software/solaris/security.

About Solaris Trusted Extensions

Solaris Trusted Extensions is a mandatory access control extension to the proven Solaris 10 security model. It utilizes User and Process Rights Management, Solaris Containers, file systems, and networking without requiring a new or separate kernel and doesn't require ISVs to requalify their applications to run them with sensitivity labels. Because it's an extension to the Solaris 10 OS security policy, Solaris Trusted Extensions technology is flexible and quick to deploy: a user can add new applications, new users, and more, very quickly, without extensive analysis of each application — and without the need to write complex, error-prone security policies.

About Sun Microsystems, Inc.

Sun Microsystems develops the technologies that power the global marketplace. Guided by a singular vision -- "The Network is the Computer(TM)" -- Sun drives network participation through shared innovation, community development and open source leadership. Sun can be found in more than 100 countries and on the Web at http://sun.com

Sun, Sun Microsystems, the Sun logo, Java, Solaris, SPARC, and The Network Is the Computer are trademarks or registered trademarks of Sun Microsystems, Inc. or its subsidiaries in the United States and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the US and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Dan Berthiaume
Visit website