Some operating systems have achieved a certification from an external security auditing organization, such as a B2 or A1 TCSEC or Common Criteria certification.

Note that meeting a given set of evaluation criteria does not make a computer operating system secure . Certificates are not endorsements of the goodness of an IT product by any organization that recognizes or gives effect to the certificate. A certificate represents the successful completion of a validation that product met CC requirements for which it was evaluated/tested.

Note that certifications are given for a particular configuration of the system running on a certain set of hardware; the certificate is only valid for this specific configuation, and does not extend to the same software if any aspect of the installation is altered in any way. Often these scenarios are extremely limited compared to the normal environments in which computer operating systems are usually used.

Moreover, the field of operating systems which can apply to be evaluated is restricted to those with strong corporative backing, because of the costs that ensue. In general, you will find the most popular vendors listed here, while this does not mean that other solutions, such as OSS solutions, couldn t reach, or exceed this level of security under certain circumstances, without even having tried to pass this advocacy evaluation.

= Trusted Solaris =

Trusted Solaris is a security-focused version of the Solaris Operating Environment Unix operating system. Aimed primarily at the government computing sector, Trusted Solaris adds detailed auditing of all tasks, pluggable authentication, mandatory access control, additional physical authentication devices, and fine-grained access control. Versions of Trusted Solaris through version 8 are Common Criteria certified. See [http://wwws.sun.com/software/security/securitycert/trustedsolaris.html] and [http://wwws.sun.com/software/security/securitycert/images/TSol8_7-03CMS.jpg] Trusted Solaris Version 8 received the Evaluation_Assurance_Level4 certification level augmented by a number of protection profiles. See [http://csrc.nist.gov/cc/Documents/CC%20v2.1%20-%20HTML/PART3/PART36.HTM] for explanation of The Evaluation Assurance Levels.

= BAE Systems STOP =

BAE Systems STOP version 6.0.E received an Evaluation_Assurance_Level4+ in April 2004 and the 6.1.E version received an Evaluation_Assurance_Level5+ certification in March 2005. Previous versions of STOP have held a B3 certification under TCSEC. While STOP 6 is binary compatible with Linux, it is not derived from the Linux kernel. See [http://www.digitalnet.com/solutions/information_assurance/xts400_trusted_sys.htm] for an overview of the system.

= Red Hat Enterprise Linux 3 =

Red Hat Enterprise Linux 3 is a version of the GNU/Linux operating system. It was evaluated at Evaluation_Assurance_Level2 in February 2004. [http://niap.nist.gov/cc-scheme/vpl/vpl_vendor.html]

= SUSE =

Novell s Suse Enterprise Linux Server 9 running on an IBM eServer was certified at CAPP/Evaluation_Assurance_Level4+ in February 2005. [http://www.heise.de/english/newsticker/news/56451 News release at heise.de]

= Windows 2000 =

Windows 2000 Server, Advanced Server, and Professional, each with Service Pack 3 and Q326886 Hotfix operating on the x86 platform were certified as [http://niap.nist.gov/cc-scheme/st/ST_VID4002-VR.pdf CAPP/EAL 4 Augmented ALC_FLR.3]in October 2002. (This includes standard configurations as Domain Controller, Server in a Domain, Stand-alone Server, Workstation in a Domain, Stand-alone Workstation)

=See also=