Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mission: IMPOSSIBLE Diane R Brent, PMP IBM Linux Technology Center Poughkeepsie, NY ________.

Published byLaurel Parsons Modified over 9 years ago

Similar presentations

Presentation on theme: "Mission: IMPOSSIBLE Diane R Brent, PMP IBM Linux Technology Center Poughkeepsie, NY ________."— Presentation transcript:

1 Mission: IMPOSSIBLE Diane R Brent, PMP drbrent@us.ibm.com IBM Linux Technology Center Poughkeepsie, NY ________

2 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 Common Criteria Project Objectives ChallengesApproach Creating the Roadmap Scope of Linux Certification What we had, what was missing Lessons Learned Community Value Beyond EAL2+ IBM’s Commitment to Certification

3 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 What is it? The Common Criteria for Information Technology Security Evaluation (CC) is an international specification used to evaluate IT security. World Wide Government and Financial agencies are most likely to employ this and some require it for procurements. What’s involved? Function – security capabilities Assurance – confidence in capabilities 3 rd Party evaluation

4 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 Prove Linux CAN be certified Allay concerns that Linux isn’t ready for Enterprise computing Satisfy Federal Gov’t mandates Contribute back to community Do it ASAP!

5 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 “Show me the money!” Ownership of Linux Development process unlike proprietary products Lack of typical internal product documentation Evaluation criteria rooted in closed source model

6 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 Cooperative Effort –IBM not a Linux distributor Schedule Acceleration –Leverage AIX certification experience –Pooling Resources Augment distributor team with IBM development and test Financial sponsorship –Engaging motivated evaluation laboratory Lead open source operating system certification! “Don’t bite off more than you can chew!” –Uncharted territory calls for step-wise plan –Build upon experience

7 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 Where’s the Competition? CAPP/EAL4 is most prevelant for general purpose operating systems: AIX, Solaris, HP-UX, Windows 2000 Functional Criteria – close  Authentication via PAM  Authorization via ACLs  Auditing – won‘t satisfy CAPP  Object Reuse - OK EAL 1 EAL 2 EAL 3 EAL 4 EAL 5 EAL 6 EAL 7 Assurance Criteria – much to do  Formal product and internal process documentation  Depth of testing  Life Cycle Support requirements How does Linux compare?

8 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 Recall project objectives... –Prove it can be done –Do it now! as is/EAL2+: –Certify existing release of Linux –Define Security Target based on existing capabilities – no new code development –Don’t claim compliance to CAPP, yet... use CAPP as guideline –Create a roadmap for increasing certification levels EAL 1 EAL 2 EAL 3 EAL 4 EAL 5 EAL 6 EAL 7 Play Win Compete

9 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 Target of Evaluation : SuSE Linux Enterprise Server 8 Security Functions: as is for server system –Password based Identification and Authentication using the PAM framework. –Discretionary Access Control using the POSIX ACLs for the ext3 file system (permission bits for other file systems). –Discretionary Access Control for Inter-Process Communication (including access control for sockets). –VSFTP and SSH as the only trusted network applications –Focus on the ability of the kernel to protect itsself. L I N U X

10 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 EAL2+ Assurance Requirements: –ACM:Configuration List –ADO:Delivery Procedures, Install and Configuration –ADV:Functional Specification, High Level Design –AGD:User and Administrator Guidance –ATE:Test Plan, Test Coverage –AVA:Strength of Function Analysis, Vulnerability Analysis –ALC:Flaw Remediation Procedure (the “+“)

11 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 RequirementDisposition Configuration MgmtCovered by SuSE’s configuration management procedures! Delivery & OperationsCovered by SuSE’s install and config procedures! Development Environment FSP – had to be written. Started with man pages, ensuring coverage for system calls and config files. HLD – had to be written, with focus on security function. Guidance DocHad to be written and shipped with product Testing/PlansBuilt upon LTP, significant number of test cases for security developed. Vulnerability AnalysisHad nothing. Developed this area Life Cycle SupportCovered by SuSE’s flaw remediation procedures!

12 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003  Improved quality  Security defects identified through evaluation  Problems resolved and included  Easy access to source code made for quick clarification of evaluation questions  Design and user documentation is a weakness of open source  this project has tried to enhance the situation  Boundaries of “development environment” more challenging for the open source development model

13 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 Material provided to open source community  Functional Specification: greater coverage of system calls and security related configuration files  High Level Design: single, current reference document for 2.4.19 kernel with security focus  User Documentation: details and scripts on how to install and administer the secure configuration  Test Suite: new set of security test cases linked off Linux Test Project site  Security Target: information on the scope of the “as is”/EAL2+ certification Linux now has a good starting point for higher assurance levels AND for the evaluation of other distributions

14 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003 CAPP/EAL3+  SuSE Linux Enterprise Server 8, with service package, currently in evaluation  audit capability  test tool for underlying hardware  additional network security functions  broader development environment focus  Valid across IBM eServer  More contributions to open source community anticipated  Expected within 2-4 months. CAPP/EAL4  Desired place to be in 2004  Need to consider Linux distributor plans/needs  Need to consider evolving Protection Profiles – maybe not CAPP?

15 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003  Linux  Continue to work with the open source community and Linux distributors to pursue increasing levels of certification  IBM Operating Systems and Middleware  Comprehensive plans in place  Various states: certified or in progress CompleteIn Progress AIX LPAR Linux on xSeries zOS, z/VM, DB2, Tivoli Access Manager, IBM Directory Server, Websphere Application Server, WMQ, Linux on eServer

16 Mission: Impossible - Security Certification of Linux DR Brent, IBM LTC, Oct 2003  Doc Shankar, Security Architect, IBM LTC  Helmut Kurth, Principle Evaluator, @sec GmbH –This work represents the view of the authors and does not necessarily represent the view of IBM. –AIX, DB2, IDS, WebSphere, MQ, Tivoli Access Manager, IBM, eServer, are registered trademarks of International Business Machines Corporation in the United States, other countries, or both. –UNIX is a registered trademark of The Open Group in the United States and other countries. –SuSE Linux is a trademark of SuSE AG. –Solaris is a trademark of Sun Microsystems. –HP-UX is a trademark of Hewlett-Packard. –Windows 2000 is a trademark of Microsoft. –Linux is a registered trademark of Linus Torvalds. –Intel is a trademark of Intel Corporation in the United States, other countries, or both. –Other company, product, and service names may be trademarks or service marks of others.

Download ppt "Mission: IMPOSSIBLE Diane R Brent, PMP IBM Linux Technology Center Poughkeepsie, NY ________."

Similar presentations

Common Criteria Evaluation and Validation Scheme Syed Naqvi XtreemOS Training Day.

Common Criteria Evaluation and Validation Scheme Syed Naqvi XtreemOS Training Day.
Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server 2008. Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),

Notes: Update as of 1/13/2010. Vulnerabilities are included for SQL Server 2000, SQL Server 2005, SQL Server Oracle (8i, 9i, 9iR2, 10g, 10gR2,11g),
The Common Criteria Cs5493(7493). CC: Background The need for independently evaluated IT security products and systems led to the TCSEC Rainbow series.

The Common Criteria Cs5493(7493). CC: Background The need for independently evaluated IT security products and systems led to the TCSEC Rainbow series.
The Open Source Security Myth — And How to Make it A Reality Michael Davis Dynamic Security Concepts, Incorporated Track 3, 1300 Sunday, 1 August 2004.

The Open Source Security Myth — And How to Make it A Reality Michael Davis Dynamic Security Concepts, Incorporated Track 3, 1300 Sunday, 1 August 2004.
Dr. Julian Lo Consulting Director ITIL v3 Expert

Dr. Julian Lo Consulting Director ITIL v3 Expert
95752:11-1 Security Policy. 95752:11-2 Policy Set of detailed rules as to what is allowed on the system and what is not allowed. User Policy System Policy.

95752:11-1 Security Policy :11-2 Policy Set of detailed rules as to what is allowed on the system and what is not allowed. User Policy System Policy.
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
Overview 4Core Technology Group, Inc. is a woman/ veteran owned full-service IT and Cyber Security firm based in Historic Petersburg, Virginia. Founded.

Overview 4Core Technology Group, Inc. is a woman/ veteran owned full-service IT and Cyber Security firm based in Historic Petersburg, Virginia. Founded.
Opalis Product Overview NameTitle Microsoft Corporation.

Opalis Product Overview NameTitle Microsoft Corporation.
How ISO 9001 Fits Into The Software World? Management of Software Projects and Personnel CIS 6516 March 6, 2006 Prepared by Olgu Yilmaz Swapna Mekala.

How ISO 9001 Fits Into The Software World? Management of Software Projects and Personnel CIS 6516 March 6, 2006 Prepared by Olgu Yilmaz Swapna Mekala.
Chapter 3 Software process Structure Chapter 3 Software process Structure Moonzoo Kim KAIST 1.

Chapter 3 Software process Structure Chapter 3 Software process Structure Moonzoo Kim KAIST 1.
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,

Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Event Mgmt Service Desk Asset/CMDB Configuration Virtual Security Storage Server Network Triage and diagnose Integrate service desks with data center.

Event Mgmt Service Desk Asset/CMDB Configuration Virtual Security Storage Server Network Triage and diagnose Integrate service desks with data center.
DB2 (Express C Edition) Installation and Using a Database

DB2 (Express C Edition) Installation and Using a Database
Chapter 10 – UNIX. History In late 1960s, two employees of Bell Labs (Ken Thompson & Dennis Ritchie) designed a new operating system to overcome the constraints.

Chapter 10 – UNIX. History In late 1960s, two employees of Bell Labs (Ken Thompson & Dennis Ritchie) designed a new operating system to overcome the constraints.
Enterprise Computing Community June 13 - 15, 2010February 27, 2010 1 Information Security Industry View Linda Betz IBM Director IT Policy and Information.

Enterprise Computing Community June , 2010February 27, Information Security Industry View Linda Betz IBM Director IT Policy and Information.
What’s new with EntireX Communicator 7.3 Rolf Bahlke crossvision Chief Architect October 2006.

What’s new with EntireX Communicator 7.3 Rolf Bahlke crossvision Chief Architect October 2006.
Keith Harmon Solution Manager, SAP AG Transforming Information into Knowledge Bergen, Norway May 10-13, 2006.

Keith Harmon Solution Manager, SAP AG Transforming Information into Knowledge Bergen, Norway May 10-13, 2006.
Choosing NOS can be a complex and a difficult decision. Every popular NOS has its strengths and weaknesses. NOS may cost thousands of dollars depending.

Choosing NOS can be a complex and a difficult decision. Every popular NOS has its strengths and weaknesses. NOS may cost thousands of dollars depending.
A Comparison of Linux vs. Windows Bhargav A. Sorathiya B.E. 4 th C.E. Roll no:6456.

A Comparison of Linux vs. Windows Bhargav A. Sorathiya B.E. 4 th C.E. Roll no:6456.

Similar presentations

Ads by Google