Red Hat Linux Gets Top Government Security Rating

By
Mon, June 18, 2007
. What's this?

IDG News Service (San Francisco Bureau) — Red Hat Linux has received a new level of security certification that should make the software more appealing to some government agencies.

Last week IBM was able to achieve EAL4 Augmented with ALC_FLR.3 certification for Red Hat Enterprise Linux, putting it on a par with Sun Microsystems' Trusted Solaris operating system, said Dan Frye, vice president of open systems with IBM.

"This is the highest level of security function that anybody has," Frye said. "We have delivered LSPP functionality in Red Hat Enterprise Linux 5 and we have certified that at the EAL4 level of assurance."

This rating is awarded by the government-funded National Information Assurance Partnership's (NIAP) Common Criteria Evaluation and Validation Scheme for IT Security program, which evaluates the security of commercial technology products.

 
RELATED STORY
 
Windows vs. Linux vs. OS X
 

Red Hat Linux has been certified EAL4 Augmented with ALC_FLR.3 on IBM's mainframe, System x, System p5 and eServer systems.

This level of security certification is not usually required for enterprise contracts, but it is mandatory for some programs within government agencies such as the U.S. Department of Defense and the U.S. National Security Agency, Frye said.

Linux had already been certified at the EAL4 level, but this is the first time that the operating system has received the Labeled Security Protection Profile (LSPP) certification, which relates to its access-control features.

Linux developers have been working to add these "SE Linux" access control features into the operating system for several years now. SE Linux shipped as part of Red Hat Enterprise Linux 5, and now it has been certified for government use, Frye said. "You now have a level of fine-grained control for everybody," he added. "You can set security based on groups or based on individuals."

In addition to LSPP, Red Hat Linux has been certified with Role Based Access Control Protection (RBAC), and that too is noteworthy, said Red Hat.

"Historically, OS vendors have required you buy a separate branched OS to get something that is LSPP and RBAC certified," the company said in a statement. "This is something completely unique for commercial operating systems because the support for multilevel security is native to the OS."

According to Frye, the certification is "big news for the Linux industry" because it shows that open-source software can be used for sensitive computing tasks. "If anyone had any doubts that you could do this with an open-source operating system, we've proved them wrong."

Similar to this Article
What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
White Papers »
Meridina fly Case Study
Online airline and travel group Meridiana fly needed a faster, more cost-effective way for its growing customer base to book reservations online. They turned to the Riverbed® Stingray™ Traffic Manager, which ensured a fast, responsive website that could cope with increasing high-demand. The company's pages now load much faster, and downtime is a thing of the past.
Consolidating Lotus Domino x86 Workloads on IBM Power Systems
Read the white paper to learn how moving up to Lotus Domino 8.5 and consolidating with IBM Power Servers can help you boost performance results and ROI.
A Comparison of PowerVM and VMware vSphere (4.1 & 5.0) Virtualization Performance
This technical white paper presents benchmark results showing greater VM consolidation ratios than demonstrated in previous benchmarks and demonstrating the extent of the performance lead that PowerVM virtualization technologies deliver over x86-based add-on virtualization products.
Finding the right cloud solutions for your organization
HP is driving the evolution of what we call the Instant-On Enterprise. It is an enterprise that embeds technology into everything it does to better serve citizens, partners, employees, and clients. We believe that today's Instant-On Enterprises need to think differently about how they source and deliver services that are enabled by technology. They need to take advantage of a hybrid delivery model-one that truly optimizes the mix between traditional IT, private cloud, and public cloud.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
Converged Infrastructure for Dummies
As you know, everything is mobile, connected, interactive, and immediate. This is exactly why organizations need a highly agile IT infrastructure in order to keep pace with extreme fluctuations in business demand. This book will help you understand why infrastructure convergence has been widely accepted as the optimal approach for simplifying and accelerating your IT to deliver services at the speed of business while also shifting significantly more IT resources from operations to innovation.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
Seven Priorities for Integrated Network Management - How HP Intelligent Management Center Delivers an Enterprise-class Solution
This white paper describes the major requirements for network management solutions to help the organizations become more profitable, efficient and reliable.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.
Webcasts »
Virtualization Success is a Team Effort
As greater numbers of datacenter servers transition from the physical to the virtual world, the components of virtualization success come to the fore. What scores of organizations have discovered is that success is derived from an optimal pairing of the right software platform with the right hardware platform.
Oracle Database Appliance Best Practices
Business users increasingly demand 24x7 availability of their data while IT departments face the challenge of ensuring maximum availability while operating with limited budgets.
Unlock the Value of Cloud Computing with Workload Automation
Learn how to get the most from your cloud investment in our on-demand webinar from BMC and InformationWeek. You'll hear how integrating the cloud into your production workload brings critical business benefits.
Best Practices to Optimize Your Data Center at Every Layer of the Stack
Date: May 31, 2012
Time: 1 PM EST

Organizations are reaping the benefits of simplifying IT, lowering costs and dramatically improving transactional throughput by deploying optimized application-to-disk solutions. These pre-tuned, tested solutions encompass a wide variety of applications and use cases. Hear from industry experts, and IT executives, how these full-stack solutions can achieve three times faster deployment times and up to 75% reductions in acquisition and operational costs.
Workload Automation Trends and Best Practices in 2012
Find out when you join EMA Senior Analyst, Torsten Volk, for a discussion on the 2012 trends in workload automation and how these trends contribute to better connecting workload automation to business processes. These trends are derived from EMA's empirical research work conducted for the 2012 Workload Automation Radar Report.
Analytics at the Speed of Thought
What if you could run financial and operational planning cycles 10 times faster? Or monitor and adjust marketing campaigns in real time? What if you could instantly visualize how a price change would impact the profitability of thousands of products?
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Meridina fly Case Study

Consolidating Lotus Domino x86 Workloads on IBM Power Systems

A Comparison of PowerVM and VMware vSphere (4.1 & 5.0) Virtualization Performance

Finding the right cloud solutions for your organization

Converged Infrastructure for Dummies

Seven Priorities for Integrated Network Management - How HP Intelligent Management Center Delivers an Enterprise-class Solution

Measuring the Business Value of CI in the Data Center

Building Cloud-Optimized Data Center Networks white paper

The Forrester Wave: Activities Streams, Q2 2012

SMBs Get Virtualization, Plus the Benefits of High Core Count Processors

Virtualized for Agility

The Accelerated SMB: Moving at the Speed of Virtualization

Make Virtual Desktops a Valuable Reality with AMD

Has Your Server Infrastructure Kept Pace with End User Demands?

Real Fabrics for a Virtual World

Enabling Remote Employees with High Quality Video

From Systems to Service Management: Running Your IT Department Like a Business

Generation Gmail: How are you dealing with "work-around email" workers?

5 steps from Scheduler to Enterprise Workload Automation

Optimizing Business Processes in Today's Enterprises
Sponsored Links

Connect with IT leaders redefining mobility at the Enterprise Mobile Hub

Choose New and manage one device instead of 170

Choose New for 8x the firewall and NAT performance

Check out a smart way of mobilizing your business with enterprise-ready Samsung Mobile.

Redefine your data center with HP servers.

Enhance your business with Windstream IT Solutions. Speak to someone local.

BlackBerry® Mobile Fusion. Different mobile devices. One platform.

Click to see how Accenture has delivered high performance to clients

CYBERMARYLAND | Learn Why Maryland is the Epicenter for Cybersecurity

Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class

Cognizant. Leading in Business, Application & Technology Services

Collaboration: driving better business outcomes

Gain cutting-edge insights at MIT in 2-5 day executive programs.

Elevate storage agility and efficiency with HP 3PAR storage.

Choose New and slash the number of devices you manage

Customized information views & Twitter events at New Fulcrum Point

Splunk translates machine data into "aha" moments for IT and the business.

ManageEngine Desktop Central - Automate and Audit Your Desktop Management! Learn More...

Cloud Readiness Starts with Intel® Technology

High performance. Delivered. Click to see Accenture's client successes

Visit the Virtually There Learning Page to learn how to use virtualization to your competitive advantage.

Free: Hunter Muller's "The Transformational CIO."

Join us for an upcoming Microsoft 365 live online demo event.

Discover your easiest path to unified communications

Virtualizing Your Infrastructure Just Got Easier

Connect with global CIOs now at Enterprise CIO Forum

Resource Center
buy a link »
Ads by TechWords