atsec information security recently completed the evaluation of IBM's z/OS V1R8 in the world's largest and most complex operating system evaluation.
The first evaluation of z/OS, at V1R6, was performed in 2005 at EAL3, followed by a re-evaluation of V1R7 in 2006 at EAL4 with added security features. The current re-evaluation of IBM z/OS V1R8 at EAL4 addressed significantly enhanced security functions and provides assurance of the product in a format that is typically installed and operated. The Security Target specifying the target of evaluation is publicly available at atsec's Common Criteria evaluations page (link below). Some noteable features of the evaluation include:
Jim Porell, IBM Distinguished Engineer and Chief Architect for System z Software, commented: "The Common Criteria Evaluation of z/OS 1.8 was a complex effort requiring cooperation between IBM and atsec. The Common Criteria provides a good definition of the development processes and protection profiles that can be deployed to satisfy those business needs. We are pleased with the results of this evaluation and our working relationship with atsec."
Marvin Schaefer, Former Chief Scientist at the National Computer Security Center at the NSA, adds: "IBM's z/OS Version 1 Release 8 operating system evolved from what was, in the late 1970s, the powerful, but complex, MVS operating system. At that time, its access control mechanisms were quite weak and easily defeated. Even with the integration of RACF, the system was not only subject to compromise, but because of the complexity of its structure and implementation, it was extremely difficult and time-consuming to evaluate its security policy and mechanisms against the criteria of the US Department of Defense Trusted Computer System Evaluation Criteria (the Orange Book). Its initial evaluation by the National Computer Security Center (NCSC) took years, and was only partially successful. As a consequence, IBM made a considerable investment in restructuring MVS/RACF and integrating it with supportive hardware security mechanisms - and more importantly, with a security policy-driven discipline of design, documentation and programming. The resulting system, z/OS, is considerably richer and more complex than its antecedent MVS. Because system security became a central design principle, and because the development effort was closely coordinated with the independent team of evaluators, the formidable task of identifying and analyzing z/OS's large set of interfaces and its management of privilege became tractable. Through close and co-operative work with its evaluators, z/OS's interfaces and management of privilege have been documented such as to permit a full and rigorous assessment to be completed in a little more than a year. I have full confidence that z/OS and its completed evaluation represent an exceptional technological achievement."
Operating system evaluation is the greatest test of competence in the field, and from early on in its history as a Common Criteria evaluation laboratory, atsec has led the way in operating system evaluations under both the German BSI and U.S. CCEVS Schemes. atsec's record of evaluation at this level includes evaluations of IBM AIX 5.3 (CAPP and LSPP) twelve Linux versions on five different platforms IBM z/OS V1R7 at the EAL4 level, as well as the zSeries-based z/VM and PR/SM virtual machine and logical partitioning products. atsec has already completed two EAL5 evaluations of IBM PR/SM products.
atsec has completed a total of more than 40 evaluations since its initial accreditation as a Common Criteria lab by the German BSI Scheme in 2002. Accreditation by the U.S. CCEVS Scheme followed in 2005, and in 2006 atsec received provisional CC lab status under the Swedish CSEC scheme.
[This provides a rare and interesting insight into the certification process and demonstrates how pensive stringency is the key to the development of top quality products. --Ed].
Related links: (Open in a new window.)
www.atsec.com/01/common-criteria-evaluations.html
Taken from Information Security Bulletin.