Security-evaluated operating system
- 1 Oracle Solaris
- 2 BAE Systems' STOP
- 3 Red Hat Enterprise Linux 5
- 4 Red Hat Enterprise Linux 6
- 5 Novell SUSE Linux Enterprise Server
- 6 Microsoft Windows
- 7 Mac OS X
- 8 GEMSOS
- 9 HP OpenVMS and SEVMS
- 10 Green Hills INTEGRITY-178B
- 11 Unisys MCP
- 12 Unisys OS 2200
- 13 See also
- 14 External links
- 15 References
Trusted Solaris 8 was a security-focused version of the Solaris Unix operating system. Aimed primarily at the government computing sector, Trusted Solaris adds detailed auditing of all tasks, pluggable authentication, mandatory access control, additional physical authentication devices, and fine-grained access control(FGAC). Versions of Trusted Solaris through version 8 are Common Criteria certified. See  and  Trusted Solaris Version 8 received the EAL4 certification level augmented by a number of protection profiles. See  for explanation of The Evaluation Assurance Levels.
BAE Systems' STOP
BAE Systems' STOP version 6.0.E received an EAL4+ in April 2004 and the 6.1.E version received an EAL5+ certification in March 2005. STOP version 6.4 U4 received an EAL5+ certification in July 2008. Versions of STOP prior to STOP 6 have held B3 certifications under TCSEC. While STOP 6 is binary compatible with Linux, it does not derive from the Linux kernel. See  for an overview of the system.
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux Version 6.2 on 32 bit x86 Architecture achieved EAL4+ in December 2014. Red Hat Enterprise Linux Version 6.2 with KVM Virtualization for x86 Architectures achieved EAL4+ in October 2012.
Novell SUSE Linux Enterprise Server
The following versions of Microsoft Windows have received EAL 4 Augmented ALC_FLR.3 certification:
- Windows 2008 Server (64-bit), Enterprise (64-bit) and Datacenter, as well as Windows Vista Enterprise (both 32-bit and 64-bit) attained EAL 4 Augmented (colloquially referred to as EAL 4+) ALC_FLR.3 status in 2009.
- Windows 2000 Server, Advanced Server, and Professional, each with Service Pack 3 and Q326886 Hotfix operating on the x86 platform were certified as CAPP/EAL 4 Augmented ALC_FLR.3 in October 2002. (This includes standard configurations as Domain Controller, Server in a Domain, Stand-alone Server, Workstation in a Domain, Stand-alone Workstation)
- Windows XP Professional and Embedded editions, with Service Pack 2, and Windows Server 2003 Standard and Enterprise editions (32-bit and 64-bit), with Service Pack 1, were all certified in December 2005.
Mac OS X
Apple's Mac OS X & Mac OS X Server running the latest version 10.4.6 have not yet been fully evaluated however the Common Criteria Tools package is available.
HP OpenVMS and SEVMS
Green Hills INTEGRITY-178B
The Unisys MCP operating system includes an implementation of the DoD Orange Book C2 specification, the controlled access protection sub-level of discretionary protection. MCP/AS obtained the C2 rating in August, 1987.
Unisys OS 2200
The Unisys OS 2200 operating system includes an implementation of the DoD Orange Book B1, Labeled security protection level specification. OS 2200 first obtained a successful B1 evaluation in September, 1989. Unisys maintained that evaluation until 1994 through the National Computer Security Center Rating Maintenance Phase (RAMP) of the Trusted Product Evaluation Program.
- The common criteria portal's products list has an "Operating Systems" category containing CC certification results
- OpenVMS security presentation
- Department of Defense Trusted Computer System Evaluation Criteria (NSI 5200.28-STD). National Security Institute. 1985.
- Final Evaluation Report of Unisys Corporation A Series MCP/AS Release 3.7 (CSC-EPL-87/003, Library No. S228,515) (PDF). 9800 Savage Road, Fort George G. Meade, Maryland 20755-6000: National Computer Security Center. September 27, 1989.
- Final Evaluation Report of Unisys Corporation OS 1100 (CSC-EPL-89/004, Library No. S33,122) (PDF). 9800 Savage Road, Fort George G. Meade, Maryland 20755-6000: National Computer Security Center. September 27, 1989.
- Final Evaluation Report Unisys Corporation OS 1100/2200 (CSC-EPL-76/999, Library No. S225,nnn). 9800 Savage Road, Fort George G. Meade, Maryland 20755-6000: National Computer Security Center. July 26, 1994.
- Rating Maintenance Phase Program Document (NCSC-TG-013-89, Library No. S-232,468). 9800 Savage Road, Fort George G. Meade, Maryland 20755-6000: National Computer Security Center. 23 June 1989.