C2 or B1
Russell Coker
russell at coker.com.au
Sun Jun 20 03:24:56 UTC 2004
On Sun, 20 Jun 2004 06:52, Lawrence Bowie <thesource at ldb-jab.org> wrote:
> At this point SELinux does not have official "Orange Book"
> classification, right?
Classification applies to complete OS installations. SE Linux is not an OS,
it is a security enhancement for Linux, and therefore it is not eligible for
certification on it's own. It is expected that Linux distributions
incorporating SE Linux technology will do well in certification tests. AFAIK
no-one has done such tests yet, and Red Hat Enterprise Linux 4 when it's
released next year is likely to be the first Linux distribution to go through
the certification process with SE Linux enabled.
Also I believe that classifications such as "C2" and "B1" are obsolete and
have been for years.
http://csrc.nist.gov/cc/
http://www.commoncriteriaportal.org/public/developer/index.php?menu=1
Above is a link to information on the Common Criteria (replacement for the
"Orange Book"). Computer systems are evaluated against a "Protection
Profile" (PP). Conformance to that PP is evaluated according to an
"Evaluation Assurance Level" (EAL) which is a numerical rating that indicates
how well you achieved the goals of the PP. A higher EAL number does not
necessarily mean a more secure system, a lower EAL number for a different PP
may be more difficult to achieve.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
More information about the fedora-selinux-list
mailing list