imported>Cewbot: Maintain {{WPBS}}: 1 WikiProject template. Create {{WPBS}}.

2024-08-27T16:29:04Z

Maintain {{WPBS}}: 1 WikiProject template. Create {{WPBS}}.

New page

{{WikiProject banner shell|
{{WikiProject Disambiguation}}
}}
Operating systems that achieve a [[Common Criteria]] certification, are still not generally considered "secure" operating systems. 100% security is practically impossible. Therefore the standard name for a system that is common criteria certified is "trusted". I think this article should be moved to 'trusted operating systems'. I could be wrong about the specific semantics though. Hopefully someone can comment. - [[User:Taxman|Taxman]] 12:17, May 28, 2004 (UTC)

Besides, what level of certification did Trusted Solaris get? I'd be surprised if it was B2.

: details [http://wwws.sun.com/software/security/securitycert/trustedsolaris.html here] (it's alphabetti-spaghetti to me) -- [[User:Finlay McWalter|Finlay McWalter]] | [[User talk:Finlay McWalter | Talk]] 12:52, 28 May 2004 (UTC)

::EAL4 is the level it recieved it seems (along with some protection profile augmentation, whatever that means. [http://csrc.nist.gov/cc/Documents/CC%20v2.1%20-%20HTML/PART3/PART36.HTM] For an explanation of the EAL levels. I'm not sure how or if those map accurately to the old [[Orange Book]] levels of B2 C1, etc. - [[User:Taxman|Taxman]] 14:36, May 28, 2004 (UTC)
:::C2 is typically put at CAPP/EAL4 -- Controlled Access Protection Profile, a discretionary access control model, at Assurance Level 4. The B-levels from the Orange Book introduced MAC (Mandatory Access Control), which maps to the MAPP, or Mandatory Access Protection Profile, under the [[Common Criteria]]. This isn't NPOV, but EAL4 is really inadequate for a B2-equivalent sytem. Perhaps B1, but B2 was, as I recall, the first of the so-called "high assurance" levels of trust. Anyone know where I can add that bit of gibberish and any other gibberish I can remember from when I was doing formal evaluations? Send me a note as I don't aways Wiki often enough for Talk page comments to show up in my watched page changes list. [[User:Jfhaugh|Tall Girl]] 01:21, 22 April 2006 (UTC)

This page needs to be moved, as it's POV. Something along the lines of "Security certification based operating systems", or something. Taxman's above comment that "100% security is practically impossible." is probably pertinent and the title is not reflecting it. [[User:Dysprosia|Dysprosia]] 12:40, 28 May 2004 (UTC)

: the way things were a few days ago, when everything was in "security focussed..." seemed fine to me. -- [[User:Finlay McWalter|Finlay McWalter]] | [[User talk:Finlay McWalter | Talk]] 12:49, 28 May 2004 (UTC)

:: The security focused... article claims to be about systems that have not been certified, but are focused on security. This article could be about only OS's that have achieved [[Common Criteria]] or other standard certification. I concur with the move Dysprosia has outlined, but perhaps "Operating systems with security certification". That is more accurate than "certification based" - [[User:Taxman|Taxman]] 14:36, May 28, 2004 (UTC)

::: I know this is a really old comment by [[User:Taxman|Taxman]], but I think the current page name is more appropriate, and then stick to evaluated systems within the body of the article. ''Trusted operating systems'' is often confusing as the meaning of ''trust'' within the industry is different than what people outsite the community understand ''trust'' to mean. I know that's a lousey reason, but I think articles have to be accessible to those outside specialized fields, too. [[User:Jfhaugh|Tall Girl]] 01:21, 22 April 2006 (UTC)

Talk:Secure operating system - Revision history

imported>Cewbot: Maintain {{WPBS}}: 1 WikiProject template. Create {{WPBS}}.