Sun Microsystems, Inc.
4150 Network Circle
Santa Clara, CA 95054
Solaris 10 Release 11/06 Trusted Extensions, hereafter referred to as Solaris Trusted Extensions, from Sun Microsystems Inc., was the subject of a Common Criteria evaluation performed by the Common Criteria Evaluation Facility at CGI Information Systems & Management Consultants Inc., Ottawa, Canada. The evaluation was completed in June 2008.
The evaluation of Solaris Trusted Extensions determined that this Information Technology (IT) product can be trusted, to an assurance level of EAL 4 augmented with ALC_FLR.3, to conform to the requirements of the associated security target.
Solaris is a highly-configurable UNIX-based operating system. Originally developed to meet the requirements of the C2 class of the U.S. Department of Defence (DoD) Trusted Computer System Evaluation Criteria (TCSEC), it now meets specific equivalent Protection Profiles developed within the Common Criteria Project. These broad requirements are described for the Common Criteria scheme in the Controlled Access Protection Profile (CAPP) and the Role Based Access Control Protection Profile (RBAC).
Solaris Trusted Extensions has been developed to meet the requirements of the B1 class of the TCSEC, and now meets the equivalent Labelled Security Protection Profile (LSPP) in addition to the (CAPP) and (RBAC) by virtue of the underlying Solaris 10 11/06 operating system.
A Solaris Trusted Extensions system consists of a number of workstations and/or servers linked together to form a single distributed system. Users share the resources of multiple workstations and/or servers connected together in a single, distributed Trusted Computing Base.
The scope of this evaluation is defined by the security target, which identifies assumptions made during the evaluation, the intended environment for Solaris Trusted Extensions, the IT security requirements to be met, and the level of confidence (evaluation assurance level) to which it is asserted that Solaris Trusted Extensions satisfies its IT security requirements.
Consumers are advised to carefully review the certification report to gain an understanding of the security functionality, the evaluated configuration, and the intended operating environment for Solaris Trusted Extensions.
Product Type: Operating System
Protection Profile Identifiers:
- Controlled Access Protection Profile, Version 1.d;
- Labelled Security Protection Profile, Version 1.b; and
- Role Based Access Control Protection Profile Version 1.0.