Topics
Security
Oracle Solaris | ||
Oracle Solaris 11 is in official In Evaluation status under the Canadian Common Criteria Scheme at Evaluation Assurance Level (EAL) 4 Augmented by Flaw Remediation. The evaluation is being conducted against the Operating System Protection Profile (OS PP) and includes the following four extended packages. (1) Advanced Management (AM), (2) Extended Identification and Authentication (EIA), (3) Labeled Security (LS), and (4) Virtualization (VIRT). | ||
Maintenance Addendum for Oracle Solaris 10 5/09 Trusted Extensions | Maintenance Addendum forOracle Solaris 10 5/09 | |
Oracle Solaris 10 5/09 Trusted Extensions has been certified using the Assurance Continuity process based on the certificate received for the evaluation of Oracle Solaris 10 11/06 with Trusted Extensions. The modifications made in Oracle Solaris 10 5/09 Trusted Extensions have been reviewed to ensure that their application does not introduce new security vulnerabilities, and that the changes are consistent with the original certified Target of Evaluation (TOE). | Oracle Solaris 10 5/09 has been certified using the Assurance Continuity process based on the certificate received for the evaluation of Oracle Solaris 10 11/06. The modifications made in Oracle Solaris 10 5/09 have been reviewed to ensure that their application does not introduce new security vulnerabilities and that the changes are consistent with the original certified Target of Evaluation (TOE). | |
Part Number SOLZ9-10KC9A7
|
| |
Maintenance Addendum forOracle Solaris 10 5/08 with Trusted Extensions | Maintenance Addendum forOracle Solaris 10 5/08 | |
Oracle Solaris 10 5/08 with Trusted Extensions has been certified using the Assurance Continuity process based on the certificate received for the evaluation of Oracle Solaris 10 11/06 with Trusted Extensions. The modifications made in Oracle Solaris 10 5/08 with Trusted Extensions have been reviewed to ensure that their application does not introduce new security vulnerabilities, and that the changes are consistent with the original certified Target of Evaluation (TOE). | Oracle Solaris 10 5/08 has been certified using the Assurance Continuity process based on the certificate received for the evaluation of Oracle Solaris 10 11/06. The modifications made in Oracle Solaris 10 5/08 have been reviewed to ensure that their application does not introduce new security vulnerabilities and that the changes are consistent with the original certified Target of Evaluation (TOE). | |
|
Solaris 10 5/08 DVD Media Kit Part Number: SOLZ9-10IC9A7M | |
Oracle Solaris 10 11/06 with Trusted Extensions - Extends Solaris OS security | Oracle Solaris 10 11/06 Operating Environment | |
A Common Criteria Certificate was awarded to Sun Microsystems on June 11, 2008 by the Canadian Common Criteria Evaluation and Certification Scheme. Oracle Solaris 10 11/06 with Trusted Extensions is an extension to the proven Oracle Solaris 10 security model. It utilizes User and Process Rights Management, Oracle Solaris Containers, file systems, and networking and doesn't require a new or separate kernel. Best of all, it doesn't require ISVs to requalify their applications to run them with sensitivity labels. Because it's an extension to the Oracle Solaris 10 OS's security policy, Oracle Solaris 10 11/06 with Trusted Extensions technology is flexible and quick to deploy: You can add new applications, new users, and more, very quickly, without extensive analysis of each application — and without the need to write complex, error-prone security policies that require a system reboot. Security Features in the Evaluated Configuration include:
Oracle Solaris 10 11/06 with Trusted Extensions has been certified on:
The Oracle Solaris 10 11/06 with Trusted Extensions Certified software consists of the Operating Environment and a subset of patches which have been reviewed to ensure that their application introduces no new security vulnerabilities. | A Common Criteria Certificate was awarded to Sun Microsystems on November 6, 2007 by the Canadian Common Criteria Evaluation and Certification Scheme. The Oracle Solaris 10 11/06 operating system is conformant with the Controlled Access Protection Profile (CAPP), Version 1.d, October 8, 1999 and with the Role Based Access Control Protection Profile (RBACPP), Version 1.0, July 30, 1998 and is certified for use on SPARC and AMD/Intel based platforms. Oracle Solaris 10 11/06 Security Features in the Evaluated Configuration include:
The Oracle Solaris 10 11/06 Certified software consists of the Oracle Solaris 10 11/06 Operating Environment and a subset of Oracle Solaris 10 patches which have been reviewed to ensure that their application introduces no new security vulnerabilities.
| |
|
| |
Oracle Solaris 10 03/05 Operating Environment
| Oracle Solaris 9 08/03 Operating Environment
| |
The Oracle Solaris 10 03/05 operating system is conformant with the Controlled Access Protection Profile (CAPP), Version 1.d, October 8, 1999 and with the Role Based Access Control Protection Profile (RBACPP), Version 1.0, July 30, 1998 and is certified for use on SPARC and AMD based platforms. The Oracle Solaris 10 03/05 Certified software consists of the Oracle Solaris 10 03/05 Operating Environment and a subset of Oracle Solaris 10 patches which have been reviewed to ensure that their application introduces no new security vulnerabilities. | Oracle Solaris 9 8/03 has been certified under the Common Criteria at EAL4+ under the Controlled Access Protection Profile and Role Based Access Control Protection Profile for use with Ultra II, Ultra III and Sun Fire servers. The Oracle Solaris 9 8/03 Certified software consists of Oracle Solaris 9 8/03 Operating Environment (SPARC Platform Edition), and the subset of Oracle Solaris 9 patches which have been reviewed to ensure that their application introduces no new security vulnerabilities. | |
|
| |
Trusted Oracle Solaris 8 4/01 Operating Environment |
| |
Trusted Oracle Solaris 8 4/01 is a highly configurable, multilevel trusted operating environment based on Sun's Oracle Solaris 8 4/01 operating environment. It meets and exceeds the specific security requirements of the Labeled Security, Role-based Access Control, and Controlled Access protection profiles of the Common Criteria. Features include:
The TOE was certified to EAL4 in June 2002. The ALC_FLR.3 augmentation was certified in March 2004. Assurance has now been maintained using the Common Criteria Assurance Continuity process to fully cover version 8 2/04; see the Maintenance Report and updated Security Target for details. You can find further information on certification of the Trusted Oracle Solaris 8 4/01 Operating Environment on the UK Information Technology Security Evaluation and Certification Scheme Web site. |
| |
|
| |
Supported Hardware
| Certification Irrelevant Patches | |
Oracle Solaris 10 11/06 Operating Environment has been certified on:
Oracle Solaris 10 03/05 Operating Environment has been certified on:
Oracle Solaris 9 8/03 Operating Environment has been certified on:
Trusted Oracle Solaris 8 4/01 Operating Environment has been certified on:
| A certification irrelevant patch is one which does not affect the Common Criteria (CC) certification. The determination of the "irrelevant" status of a patch was only a Sun-internal process and did not involve the Certification Body. If a patch was found to be certification irrelevant, the patch ID, revision number, and description was added to the list of approved Certification Irrelevant Patches, which is shown below. The patch can then be applied directly and it will not compromise the CC certification of the system. The certification irrelevant patches are not included in the Assurance Continuity (Oracle Solaris 9 and newer) or the Certificate Maintenance Scheme (Oracle Solaris 8) patch sets. Oracle Solaris 10 11/06 Certification Irrelevant Patch List
Oracle Solaris 10 3/05 Certification Irrelevant Patch List
Oracle Solaris 9 08/03 Certification Irrelevant Patch List
Oracle Solaris 8 02/02 Certification Irrelevant Patch List
| |
Printer View