[email protected] (Timothy Sipples1) writes: > Almost everyone here would. These are mainframes, with PR/SM and LPARs > proven to Common Criteria EAL5+ certification standards. Regardless of the > operating system(s) running in particular LPARs.
sometimes EAL certifications can be misleading. I was at briefing that said of 64 or so "identical" EAL certifications ... 60 had unpublished deviations. I designed a "secure" chip that I finally got EAL4+ certification ... but there were similar chips with EAL6+ certifications. I claimed that my chip was more secure than any of the EAL6+ certified chips. The main difference was my evaluation was with crypto and all applications ready to be handed to customers. The EAL6+ certified chips didn't have any software/applications ... so the certification wasn't on actual real-world operation ... but just some of its physical characters (joke was it is possible to do have a protection profile for physical dimensions and do EAL6+ evaluation on physical dimensions). I had originally planned for at least EAL5+ certification ... but the on-chip crypto I had, NIST had recently pulled the evaluation criteria for the crypto certification higher than EAL4+ ... so evaluation was limited to EAL4+ certification. recent posts (i86) capability system design for EAL7+ evaluation ... descendent of GNOSIS operating system done for 370 by one of the (370) online virtual machine based service bureaus. http://www.garlic.com/~lynn/2012i.html#43 Virtual address Memory Protection Unit http://www.garlic.com/~lynn/2012i.html#59 Operating System, what is it? nearly anybody can write a protection profile that is used for evaluation. there are some recent push to bring all protection profiles under control of ***. I've been admonished a few times by *** for critizing the protection profile infrastructure compared to orange book. past posts in this thread: http://www.garlic.com/~lynn/2012l.html#56 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012l.html#57 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012l.html#59 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012l.html#70 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012l.html#73 PDP-10 system calls, was 1132 printer history http://www.garlic.com/~lynn/2012l.html#81 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012l.html#87 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012l.html#88 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012l.html#90 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012l.html#100 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012m.html#2 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012m.html#3 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012m.html#4 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012m.html#5 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee http://www.garlic.com/~lynn/2012m.html#6 Blades versus z was Re: Turn Off Another Light - Univ. of Tennessee -- virtualization experience starting Jan1968, online at home since Mar1970 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
