The CCOPP-OS specifies the extensive range of security requirements necessary to solve the security problem that organisations encounter when trying to implement readily available operating systems to handle compartmentalised environments. It is conformant with both the Controlled Access Protection Profile (CAPP) and the Role Based Access (RBAC) Protection Profile. CCOPP-OS also contains requirements for Mandatory Access Control to implement compartmentalisation in a real-world environment.
When evaluated against the CCOPP-OS, the HP-UX 11i v3 UNIX® operating system will be certified with the most extensive range of security protections of any commercial off-the-shelf operating system. New in this evaluation is an extended range of HP-UX 11i v3 partitioning protections. These are highlighted as:
New in this evaluation: Hard partitions (nPartitions or nPars) are included in the evaluated configuration of the HP-UX 11i v3 operating system. Hardware partitions (nPartition) provide both hardware and software isolation so that hardware or software faults in one nPartition do not affect other nPartitions within the same server complex. Hard partitions (nPartitions) are available on cell-based servers such as rp7420, rp8420, rx7620, rx7640, rx8620, rx8640, and Superdome. The server is split into a number of cells that can be allocated to the nPartitions. Each cell contains processor(s) and system RAM and may be associated with its own peripheral devices.
Customers who wish to duplicate this evaluated software configuration can obtain a special 4-disc media kit (BA4491AA, option A54). The kit contains the DVDs of the February 2007 versions of the HP-UX 11i v3 mission-critical operating environment and Instant Information discs, plus a Common Criteria Supplementary CD that contains patches, documentation and tools specific to the evaluated configuration.
Customers who wish to duplicate the evaluated software configuration can obtain a special 3-disc media kit (B8483AA, option A54) containing DVDs of the May 2005 versions of the HP-UX 11i v2 Mission Critical Operating Environment and Instant Information discs, plus a Common Criteria Supplementary CD that contains patches, documentation and tools specific to the evaluated configuration.
The Common Criteria certification (CC) permits comparability between the results of independent security evaluations by providing a common set of requirements for the security functions of IT products and systems and for assurance measures applied to them during a security evaluation. The evaluation results may help consumers to determine whether the IT product or system is secure enough for their intended application and whether the security risks implicit in its use is tolerable.
The Common Criteria certification addresses protection of information from unauthorised disclosure, modification, or loss of use. The categories of protection relating to these three types of failure of security are confidentiality, integrity, and availability. The CC concentrates on threats to that information arising from human activities, whether malicious or otherwise, but may be applicable to some non-human threats as well. The CC may also be applied in other areas of IT, but makes no claim of competence outside the strict domain of IT security.
