SLES10 Security Certification
Hi,

As AppArmor will implement a type of MAC in SLES10, has Novell submitted for (or is it going to achieve) EAL4+ LSPP? As SLES9 is already certified for EAL4+ CAPP, I haven't heard about this for SLES10.

Thanks & Regards,
Shashi Kanth
shashi wrote:
> As AppArmor will implement a type of MAC in SLES10, has Novell submitted for (or is it going to achieve) EAL4+ LSPP?
LSPP is the Layered Security Protection Profile; a specification for systems providing MLS (Multi-Level Security). MLS, in turn, is a form of strict policy (applies system wide to everything and everyone). The strength of MLS is that it is very good at protecting privacy: keeping your secrets secret. The cost of MLS is that it makes the system very difficult to use: unless you have very strict secrecy requirements, you probably don't want to turn on MLS. AppArmor, conversely, is very good at protecting the integrity of your data: keeping bad guys from corrupting it, especially hacker intrusions. AppArmor also can protect the privacy of your data somewhat, but not as well as MLS can. And AppArmor is much easier to live with than MLS.
> As SLES9 is already certified for EAL4+ CAPP, I haven't heard about this for SLES10.
We are working towards CAPP certification for SLES10, but no specific plans have been announced yet. We are considering whether to seek LSPP certification, which would involve adding additional security features to SLES. We are unsure how many customers would actually need LSPP. Do you actually have a specific need for LSPP? Can you tell us about it?

Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com
Hack: adroit engineering solution to an unanticipated problem
Hacker: one who is adroit at pounding round pegs into square holes
On Sun, Jul 23, 2006 at 06:14:09PM +0530, shashi wrote:
> Hi
> As AppArmor will implement a type of MAC in SLES10, has Novell submitted for (or is it going to achieve) EAL4+ LSPP?
Please prefer to ask your partner contact with us for such questions.
> As SLES9 is already certified for EAL4+ CAPP, I haven't heard about this for SLES10.
We have plans for a CAPP evaluation in the future, but nothing is set in stone yet. We switched the audit system to use the mainline kernel one, which was less capable than ours in SLES 8 and SLES 9, so we have to make SLES 10 catch up on its functionality first.

Ciao, Marcus
Why was LAuS removed and RedHat's audit added? Is there any reason?

Marcus Meissner wrote:
> On Sun, Jul 23, 2006 at 06:14:09PM +0530, shashi wrote:
> > Hi
> > As AppArmor will implement a type of MAC in SLES10, has Novell submitted for (or is it going to achieve) EAL4+ LSPP?
> Please prefer to ask your partner contact with us for such questions.
> > As SLES9 is already certified for EAL4+ CAPP, I haven't heard about this for SLES10.
> We have plans for a CAPP evaluation in the future, but nothing is set in stone yet.
> We switched the audit system to use the mainline kernel one, which was less capable than ours in SLES 8 and SLES 9, so we have to make SLES 10 catch up on its functionality first.
> Ciao, Marcus
On Mon, Jul 24, 2006 at 02:27:15PM +0530, shashi wrote:
> Why was LAuS removed and RedHat's audit added? Is there any reason?
It is the mainline kernel's auditing system. LAuS would not have been accepted to mainline kernel at this time anymore, so we need to use what's available. Sad, but true.

Ciao, Marcus