|
Trusted Computer builds secure Linux operating
system
By Bernard Cole
iApplianceWeb
(09/20/04, 2:31:32 PM GMT)
Herndon, Va. – Despite naysayers
who think that Linux cannot be made secure, Trusted Computer Solutions,
Inc. (TCS) is building its Trusted Linux platform, what it believes will be the
world's first commercially available multilevel-secure (MLS) Linux operating
system.
With beta testing now beginning, Edward
Hammersla, chief operating officer at TCS said its Trusted Linux will be a key
software component of a "trusted computing base" -- a rigorously vetted system
of software, hardware and firmware that together correctly enforces a unified
security policy. TCS Trusted Linux is expected to be available for purchase,
with evaluation and accreditation processes underway, in early 2005.
Hammersla said Trusted Linux will serve as the
foundation for the company's SecureOffice suite of secure applications, designed
to meet a level of security that is now required by the federal government and a
growing number of commercial entities in the critical infrastructure protection
sectors.
“TCS Trusted Linux is designed to accommodate
the real-world needs of government and commercial IT managers, incorporating
ease-of-use features that will make it far simpler to learn, less difficult to
use and less cumbersome to administer than traditional trusted operating
systems,” he said.
"Trusted Linux is a giant leap forward for
advancing the security and simplifying the sharing of sensitive information
across differing security domains while, at the same time, automating and
enforcing the most stringent security policies.
"This is a huge improvement over manual and
unaudited methods of sharing information -- or worst case, not sharing
information at all."
It is targeted for certification under the US
Common Criteria Evaluation and Validation Scheme at Evaluation Assurance Level 4
(EAL4). The Common Criteria is an international standard used to specify
security functionality and assurance requirements for information systems and
products. EAL4 is the highest assurancelevel ever targeted for a Linux OS.
“EAL4 and higher levels are attained by very
few operating systems, some of which require custom or specialized hardware,” he
said, unlike its Trusted Linux which he claims is designed to run on technology
from Intel and on standard, commercially available hardware platforms from
leading vendors such as Dell, HP, IBM, Silicon Graphics and Sun Microsystems.
The company is basing its Trusted Linux on the
National Security Agency's SELinux, will incorporate the security functionality
defined in three protection profiles recognized by Common Criteria: Labeled
Security Protection Profile (LSPP), Controlled Access Protection Profile (CAPP)
and Role-Based Access Control Protection Profile (RBAC).
For more information, go to
www.trustedcs.com.
For more information about topics, issues and technologies mentioned
in this story go to the flashing icon in the upper left corner on any
page or go to the iAppliance Web Views
page and call up the associatively-linked Java/XML-based Web map
of the iApplianceWeb site.
Enter the appropriate key word, product or company name to list
instantly every news and product story, product
review and product database entry relating to the topic since the beginning
of the 2002.
| 
