Oracle Solaris 



 
Oracle Solaris 11.1  
Maintenance Addendum for Oracle Solaris 10 5/09 Trusted Extensions Oracle Solaris 10 03/05 Operating Environment
Maintenance Addendum for Oracle Solaris 10 5/09 Oracle Solaris 9 08/03 Operating Environment
Maintenance Addendum for Oracle Solaris 10 5/08 with Trusted Extensions Trusted Oracle Solaris 8 4/01
Maintenance Addendum for Oracle Solaris 10 5/08 Supported Hardware (Solaris 10 Only)
Oracle Solaris 10 11/06 with Trusted Extensions  Certification Irrelevant Patches

Oracle Solaris 11.1

 
The Oracle Solaris 11.1 operating system has achieved a Common Criteria certification on March 18, 2014 at EAL4+  under the Canadian Common Criteria Scheme (CCCS) conformant to the BSI Operating System Protection Profile v2.0 2010-06-01 with the following 4 extended packages.
  1. Advanced Management
  2. Extended identification & Authentication
  3. Labeled Security
  4. Virtualization
It is a hardware independent evaluation.

 

 

Maintenance Addendum for Oracle Solaris 10 5/09 Trusted Extensions

Maintenance Addendum for

Oracle Solaris 10 5/09

Oracle Solaris 10 5/09 Trusted Extensions has been certified using the Assurance Continuity process based on the certificate received for the evaluation of Oracle Solaris 10 11/06 with Trusted Extensions. The modifications made in Oracle Solaris 10 5/09 Trusted Extensions have been reviewed to ensure that their application does not introduce new security vulnerabilities, and that the changes are consistent with the original certified Target of Evaluation (TOE).

Oracle Solaris 10 5/09 has been certified using the Assurance Continuity process based on the certificate received for the evaluation of Oracle Solaris 10 11/06. The modifications made in Oracle Solaris 10 5/09 have been reviewed to ensure that their application does not introduce new security vulnerabilities and that the changes are consistent with the original certified Target of Evaluation (TOE).

Solaris 10 5/09 DVD Media Kit
Part Number SOLZ9-10KC9A7

 

 

  • Solaris 10 5/09 DVD Media Kit
    Part Number SOLZ9-10KC9A7M 

Maintenance Addendum for

Oracle Solaris 10 5/08 with Trusted Extensions

Maintenance Addendum for

Oracle Solaris 10 5/08

Oracle Solaris 10 5/08 with Trusted Extensions has been certified using the Assurance Continuity process based on the certificate received for the evaluation of Oracle Solaris 10 11/06 with Trusted Extensions. The modifications made in Oracle Solaris 10 5/08 with Trusted Extensions have been reviewed to ensure that their application does not introduce new security vulnerabilities, and that the changes are consistent with the original certified Target of Evaluation (TOE).

Oracle Solaris 10 5/08 has been certified using the Assurance Continuity process based on the certificate received for the evaluation of Oracle Solaris 10 11/06. The modifications made in Oracle Solaris 10 5/08 have been reviewed to ensure that their application does not introduce new security vulnerabilities and that the changes are consistent with the original certified Target of Evaluation (TOE).

  • Solaris 10 5/08 DVD Media Kit
    Part Number: SOLZ9-10IC9A7M

 

Solaris 10 5/08 DVD Media Kit
Part Number: SOLZ9-10IC9A7M

Oracle Solaris 10 11/06 with Trusted Extensions - Extends Solaris OS security

Oracle Solaris 10 11/06 Operating Environment

A Common Criteria Certificate was awarded to Sun Microsystems on June 11, 2008 by the Canadian Common Criteria Evaluation and Certification Scheme.

Oracle Solaris 10 11/06 with Trusted Extensions is an extension to the proven Oracle Solaris 10 security model. It utilizes User and Process Rights Management, Oracle Solaris Containers, file systems, and networking and doesn't require a new or separate kernel. Best of all, it doesn't require ISVs to requalify their applications to run them with sensitivity labels. Because it's an extension to the Oracle Solaris 10 OS's security policy, Oracle Solaris 10 11/06 with Trusted Extensions technology is flexible and quick to deploy: You can add new applications, new users, and more, very quickly, without extensive analysis of each application — and without the need to write complex, error-prone security policies that require a system reboot.

Security Features in the Evaluated Configuration include:

  • MAC and DAC - including ACLs;
  • Least privilege with fine-grained privileges for all policies;
  • Trusted networking and trusted NFS;
  • Identification and authentication - including password generation;
  • Roles for separating user and administration capabilities;
  • Rights profiles for grouping commands, applications, and authorizations and assigning to users or roles;
  • Centralized administration with easy-to-use graphical tools;
  • Auditing which records the actions of users and roles as well as non-attributable events;
  • Sun's Common Desktop Environment (CDE) and Sun Java Desktop System Multilevel windowing environment with trusted path for invoking trusted commands and applications.

Oracle Solaris 10 11/06 with Trusted Extensions has been certified on:

  • Workstations and servers using an UltraSPARC III, UltraSPARC IIIi, UltraSPARC II, UltraSPARC IIe, UltraSPARC IIi, or UltraSPARC T1 processor in single or multiple configuration.
  • The Netra 1280 and Sun Fire mid-frame and high-end family offering Dynamic Reconfiguration and Multiple Domaining using an UltraSPARC III, UltraSPARC III Cu (copper based) or UltraSPARC IV processor.
  • AMD based processor systems: AMD Opteron 800, 1200, and 8000 series; AMD-64 100, 200, and 2000 series; AMD dual-core 1200 and 2000 series; AMD Opteron 285; and, Intel Xeon.

The Oracle Solaris 10 11/06 with Trusted Extensions Certified software consists of the Operating Environment and a subset of patches which have been reviewed to ensure that their application introduces no new security vulnerabilities.

A Common Criteria Certificate was awarded to Sun Microsystems on November 6, 2007 by the Canadian Common Criteria Evaluation and Certification Scheme.

The Oracle Solaris 10 11/06 operating system is conformant with the Controlled Access Protection Profile (CAPP), Version 1.d, October 8, 1999 and with the Role Based Access Control Protection Profile (RBACPP), Version 1.0, July 30, 1998 and is certified for use on SPARC and AMD/Intel based platforms.

Oracle Solaris 10 11/06 Security Features in the Evaluated Configuration include:

  • Discretionary Access Control (DAC) - including ACLs;
  • Least privilege with fine-grained privileges for all policies;
  • Flexible Enterprise Identification and Authentication - including PAM and kerberos;
  • Roles for separating user and administration capabilities;
  • Centralized administration with easy-to-use graphical tools;
  • Auditing which records the actions of users and roles as well as non-attributable events;
  • Trusted Windowing Environment - Users can chose between Sun's Common Desktop Environment (CDE) and Sun Java Desktop System (JDS) Operating Environment.

The Oracle Solaris 10 11/06 Certified software consists of the Oracle Solaris 10 11/06 Operating Environment and a subset of Oracle Solaris 10 patches which have been reviewed to ensure that their application introduces no new security vulnerabilities.

 

  • Solaris 10 11/06 DVD Media Kit
    Part Number: SOLZ9-10FC9A7M 
  • Solaris 10 11/06 DVD Media Kit
    Part Number: SOLZ9-10FC9A7M

Oracle Solaris 10 03/05 Operating Environment

 

Oracle Solaris 9 08/03 Operating Environment

 

The Oracle Solaris 10 03/05 operating system is conformant with the Controlled Access Protection Profile (CAPP), Version 1.d, October 8, 1999 and with the Role Based Access Control Protection Profile (RBACPP), Version 1.0, July 30, 1998 and is certified for use on SPARC and AMD based platforms.

The Oracle Solaris 10 03/05 Certified software consists of the Oracle Solaris 10 03/05 Operating Environment and a subset of Oracle Solaris 10 patches which have been reviewed to ensure that their application introduces no new security vulnerabilities. 

Oracle Solaris 9 8/03 has been certified under the Common Criteria at EAL4+ under the Controlled Access Protection Profile and Role Based Access Control Protection Profile for use with Ultra II, Ultra III and Sun Fire servers.

The Oracle Solaris 9 8/03 Certified software consists of Oracle Solaris 9 8/03 Operating Environment (SPARC Platform Edition), and the subset of Oracle Solaris 9 patches which have been reviewed to ensure that their application introduces no new security vulnerabilities. 

  • Solaris 10 03/05 DVD Media Kit
    Part Number: SOLZ9-10AC9A7M

 

  • Solaris 9 8/03 Multilingual CD Media Kit (SPARC Platform Edition) with Minimal Install Docs
    Part Number: SOLZS-09EC9AYS

Trusted Oracle Solaris 8 4/01 Operating Environment 

 

 

Trusted Oracle Solaris 8 4/01 is a highly configurable, multilevel trusted operating environment based on Sun's Oracle Solaris 8 4/01 operating environment. It meets and exceeds the specific security requirements of the Labeled Security, Role-based Access Control, and Controlled Access protection profiles of the Common Criteria.

Features include:

  • MAC and DAC - including ACLs;
  • Least privilege with fine-grained privileges for all policies;
  • Trusted networking and trusted NFS;
  • Identification and authentication - including password generation;
  • Roles for separating user and administration capabilities;
  • Rights profiles for grouping commands, applications, and authorisations and assigning to users or roles;
  • Multilevel windowing environment with trusted path for invoking trusted commands and applications;
  • Centralized administration with easy-to-use graphical tools;
  • Auditing which records the actions of users and roles as well as non-attributable events.

The TOE was certified to EAL4 in June 2002. The ALC_FLR.3 augmentation was certified in March 2004. Assurance has now been maintained using the Common Criteria Assurance Continuity process to fully cover version 8 2/04; see the Maintenance Report and updated Security Target for details.

You can find further information on certification of the Trusted Oracle Solaris 8 4/01 Operating Environment on the UK Information Technology Security Evaluation and Certification Scheme Web site.

 

 

 

 

Supported Hardware

 

Certification Irrelevant Patches

Oracle Solaris 10 11/06 Operating Environment has been certified on:

  • Workstations and servers using an UltraSPARC III, UltraSPARC IIIi, UltraSPARC II, UltraSPARC IIe, UltraSPARC IIi, or UltraSPARC T1 processor in single or multiple configuration.
  • The Netra 1280 and Sun Fire mid-frame and high-end family offering Dynamic Reconfiguration and Multiple Domaining using an UltraSPARC III, UltraSPARC III Cu (copper based) or UltraSPARC IV processor.
  • AMD based processor systems: AMD Opteron 800, 1200, and 8000 series; AMD-64 100, 200, and 2000 series; AMD dual-core 1200 and 2000 series; AMD Opteron 285; and, Intel Xeon.

Oracle Solaris 10 03/05 Operating Environment has been certified on:

  • Workstations and servers using an UltraSPARC III, UltraSPARC IIIi or UltraSPARC IIi processor in single or multiple configuration.
  • The Netra 1280 and Sun Fire mid-frame and high-end family offering Dynamic Reconfiguration and Multiple Domaining using an UltraSPARC III, UltraSPARC III Cu (copper based) or UltraSPARC IV processor.
  • AMD based processor systems: AMD Opteron 200 and 800, AMD-64 100 (W1100z) and AMD-64 200 (W2100z).

Oracle Solaris 9 8/03 Operating Environment has been certified on:

  • UltraSPARC 5, 10, 30, 60, 80, 450
  • Sun Blade 100, 150, 1000, 2000
  • E220R, E250, E420R, E450, E3500, E4500, E5500, E6500, E10000
  • Sun Fire B100s, V100, V120, V210, V240, V250, V280R, V480, V880, V880z, V1280, 3800, 4800, 4810, 6800, 12000, 15000
  • Netra 20, 120, CT410, CT810, 1280

Trusted Oracle Solaris 8 4/01 Operating Environment has been certified on:

  • Sun Blade 1500, 2000, 2500
  • ServerBlade 1
  • Sun Fire V60, V210, V240, V250, V440, V1280, V480, V490, V880, V890, 3800, 4800, 4810, 6800, 15K, 20K, 25K
  • Sun Fire E2900, E4900, E6900 Server
  • AMD Athlon, Opteron
  • Intel P4, Xeon MP
  • Sony Vaio Laptop
  • Panasonic Tough 50 Laptop
  • Dell PowerEdge 2650

 

A certification irrelevant patch is one which does not affect the Common Criteria (CC) certification.

The determination of the "irrelevant" status of a patch was only a Sun-internal process and did not involve the Certification Body.

If a patch was found to be certification irrelevant, the patch ID, revision number, and description was added to the list of approved Certification Irrelevant Patches, which is shown below. The patch can then be applied directly  and it will not compromise the CC certification of the system.

The certification irrelevant patches are not included in the Assurance Continuity (Oracle Solaris 9 and newer) or the Certificate Maintenance Scheme (Oracle Solaris 8) patch sets.

Oracle Solaris 10 11/06 Certification Irrelevant Patch List

  • 122530-06: SunOS 5.10_x86: nge patch

Oracle Solaris 10 3/05 Certification Irrelevant Patch List

  • 122530-06: SunOS 5.10_x86: nge patch

Oracle Solaris 9 08/03 Certification Irrelevant Patch List

  • 115651-02: SunOS 5.9: usr/lib/acct/runacct Patch

Oracle Solaris 8 02/02 Certification Irrelevant Patch List

  • 108434-18: SunOS 5.8: 32-bit shared library patch for C++
  • 108435-18: SunOS 5.8: 64-bit shared library patch for C++
  • 109147-07: SunOS 5.8: Linker patch
  • 109320-19: SunOS 5.8: LP Patch
  • 114537-26: SunOS 5.8: Sun XVR-100 Graphics Accelerator Patch
  • 115274-05: /usr/sbin/raidctl patch
  • 115275-07: mpt driver patch