Wednesday, July 7, 2010

Operating System Protection Profile Published

We are very happy with the result of this project: the OSPP offers a flexible approach allowing the consideration of many security functions, which are often implemented by different cooperating systems. The OSPP is based on today's best practices in the security functions expected from a modern operating system and addresses secure OS deployment. The development included expert advice from industry and government. Best of all, it is designed to be open for future development. The process taken to develop the Protection Profile in close cooperation between vendors, users, evaluators and certifiers should become a standard for the development of Common Criteria protection profiles and other such areas of industry significance where cybersecurity is dependent on a united position. atsec's long term experience with the security evaluation of many operating systems from different vendors including Apple, Cray, IBM, Microsoft, Novell SUSE, Red Hat, and Silicon Graphics was a key factor to develop a protection profile capable of addressing the security functionality modern operating systems provide.

The OSPP can be viewed at the BSI website.

For more information, please read:

Helmut Kurth

No comments:

Post a Comment

Comments are moderated with the goal of reducing spam. This means that there may be a delay before your comment shows up.