IBM architecture gets Common Criteria EAL5
- Subject: IBM architecture gets Common Criteria EAL5
- From: Gary Stoneburner <gary.stoneburner@nist.gov>
- Date: Wed, 14 Apr 2004 10:24:26 -0400
- Content-Type: multipart/alternative; boundary="=====================_176215671==.ALT"
re:
http://www.fcw.com/fcw/articles/2004/0405/web-ibm-04-08-04.asp
"The certification applies to the IBM eServer p630, p650 and p690 on
the POWER4 platform. It verifies that the logical partitioning
architecture creates truly separate partitions ..."
This means that the logical partitioning has received certification at a
level of security quality about the same as the TCSEC B2, which claimed
moderate resistance to penetration and was the first in the hierarchy of
TCSEC classes to make any claim of penetration resistance (C2 and B1 made
no such claim).
The result is a box which, if running multiple virtual machines (such as
a public web server, an identification server, a ...) can be expected to
isolate one virtual machine from another in a manner that is truly hard
for an attacker to circumvent or find a flaw to exploit.
Note: Any product with EAL5 or above assurances would also provide
this higher security quality and noting this IBM evaluation is not to
advance IBM but to let you know what can be done by a vendor who chooses
to do so.
Cheers,
Gary
**************************************************************************
* Opinions expressed are not intended to reflect an official
position
**************************************************************************
* Gary
Stoneburner
* Computer Security Division, National Institute of Standards &
Technology
* 100 Bureau Drive, Stop 8930, Gaithersburg, MD
20899-8930
* Phone: 301-975-5394, FAX: 301-948-0279, Email: Stoneburner@nist.gov
*
http://csrc.nist.gov/staff/stoneburner/gshome.html
**************************************************************************
Date Index |
Thread Index |
Problems or questions? Contact list-master@nist.gov