|
Publication title
|
Date
|
Description
|
Link
|
| Security Target and Evaluated Configuration Guides for RHEL5 for CAPP, RBAC
and LSPP Compliance | July 2007 | Security Target and Evaluated Configuration Guides evaluating the security
characteristics of the Red Hat Enterprise Linux 5 Server and Red Hat
Enterprise Linux 5 Client operating system. | Read the
security target (PDF)
and
configuration guides (PDF)
|
| " Extending Linux for Multi-Level Security" | March 2007 | A paper originally presented at the SELinux Symposium that explores the
evolution, rationale, and development of features to meet the Labeled Security
Protection Profile (LSPP) and Role-Based Access Control Protection Profile
(RBACPP) by George Wilson and Loulwa Salem from IBM LTC Security Development
and Klaus Weidner, ATSEC Information Security Corporation. |
Read the paper (PDF)
|
| " IBM Linux Security Direction & Activities" | Aug 2006 | A presentation for the San Francisco Linux World Expo on Linux Security
covering new options and Tivoli Security Management solutions. |
Read the presentation (PDF)
|
| "Trusted Linux Overview" | Apr 2006 | This overview of Linux Security was presented by Doc Shankar at LWE Boston
2006. |
Read the document (PDF)
|
| "Red Hat Enterprise Linux 4 Update 1 EAL4 High Level Design, Version 2.13" | Feb 2006 | This document is the High Level Design (HLD) for the Red Hat Enterprise
Linux Advanced Server (RHEL AS) and Red Hat Enterprise Linux Work Station
(RHEL WS) Version 4 Update 1 operating system. This document summarizes the
design and Target of Evaluation Security Functions of the Red Hat Enterprise
Linux operating system. Used within the Common Criteria evaluation of Red Hat
Enterprise Linux at Evaluation Assurance Level (EAL) 4 it describes the
security functions defined in the Common Criteria Security Target document. |
Read the document (PDF)
|
| "Red Hat Enterprise Linux Functional Specification" | Feb 2006 | This Functional Specification for Red Hat Linux Enterprise 4 Update 1 AS and
WS is a collection of tables that document the system calls, packages,
programs, database files, and package documentation that pertain to the Target
of Evaluation. |
Read the document (PDF)
|
| "CAPP EAL4 Evaluated Configuration Guide for Red Hat Enterprise Linux on IBM
hardware" | Feb 2006 | The CAPP EAL4 Evaluated Configuration Guide for Red Hat Enterprise Linux on
IBM hardware is a security guide that explains how to set up the evaluated
configuration, and provides information to administrators and ordinary users
to ensure secure operation of the system. |
Read the document (PDF)
|
| "Red Hat Enterprise Linux Version 4 Update 1 Security Target for CAPP
Compliance" | Feb 2006 | Red Hat Enterprise Linux Version 4 Update 1 Security Target for CAPP
Compliance is the security target for the CC evaluation of the Red Hat
Enterprise Linux WS Version 4 Update 1 operating system product, and is
conformant to the Common Criteria for Information Technology Security
Evaluation (CC) with extensions as defined in the Controlled Access Protection
Profile (CAPP). |
Read the document (PDF)
|
| "eCryptfs: An Enterprise-class Cryptographic Filesystem for Linux" | Aug 2005 | This paper describes the eCryptfs architecture and functionality. Written by
Michael Halcrow. |
Read the paper (PDF)
|
| "Trusted Computing and Linux" | Aug 2005 | This paper describes Trusted Computing and the components required to make a
trusted operating system. Written by Kylene Hall, Tom Lendacky, Emily Ratliff,
and Kent Yoder. |
Read the paper (PDF)
|
| "SUSE Linux Enterprise Server (SLES) V9 High Level Design 3.16" | Feb 2005 | The SLES High Level Design summarizes the design and the security functions
of SLES 9 as they pertain to the Common Criteria evaluation of SLES 9 at the
Evaluation Assurance Level 4 (EAL4). |
Read the PDF
|
| "SUSE Linux Enterprise Server (SLES) V9 Functional Spec" | Feb 2005 | The Functional Specification is a collection of tables that document the
system calls, packages, programs, database files and package documentation
that pertain to the Target of Evaluation. |
Read the PDF
|
| "SUSE Linux Enterprise Server (SLES) V9 Security Target for CAPP Compliance" | Feb 2005 | The Security Target defines the scope of the Target of Evaluation and
indicates what functional and assurance security is offered by the TOE. |
Read the PDF
|
| "Common Criteria EAL4+ Evaluated Configuration Guide for SUSE Linux
Enterprise Server (SLES) on IBM Hardware" | Feb 2005 | The Configuration Guide is a security guide that explains how to set up the
evaluated configuration, and provides information to administrators and
ordinary users to ensure secure operation of the system. |
Read the PDF
|
| "Test Plan for SUSE Linux Enterprise Server V9: EAL4 Security Function
Verification" | 2005 | This is the test plan for the Common Criteria EAL4+ Certification of SLES 9.
The plan was authored by Kimberly Simon of IBM and documents how the testing
demonstrated " the correct operation of security functions identified in the
SUSE Linux Enterprise Server V9 (SLES9) Functional Specification for EAL4."
The Test Plan, along with the suite of tests used can be found at the SUSE
site. |
Download the suite of tests
|
| "DigSig: Run-time Authentication of Binaries at Kernel Level" | Nov 2004 | Paper by A. Apvrille, D. Gordon, S. Hallyn, M. Pourzandi, and V. Roy
presented at the 2004 USENIX LISA conference. |
Read the paper
|
| "Certifying Open Source - The Linux Experience" | Nov 2004 | The Common Criteria is an international standard for evaluating the security
functions of IT products. The authors describe how they obtained this security
certification for Linux, the first open-source product to receive such
certification. |
Read
the PDF
|
| "Using the BSD Secure Levels LSM" | Aug 2004 | Written by Michael A. Halcrow and published in Sys Admin Magazine. |
Read the article
|
| "Red Hat Enterprise Linux WS Version 3 Update 2 Security Target for CAPP
Compliance" | Aug 2004 | This document is the security target for the CC evaluation of the Red Hat
Enterprise Linux WS Version 3 Update 2 operating system product, and is
conformant to the Common Criteria for Information Technology Security
Evaluation (CC) with extensions as defined in the Controlled Access Protection
Profile (CAPP). |
Read the PDF
|
| "Red Hat Enterprise Linux AS Version 3 Update 2 Security Target for CAPP
Compliance" | Aug 2004 | This document is the security target for the CC evaluation of the Red Hat
Enterprise Linux AS Version 3 Update 2 operating system product, and is
conformant to the Common Criteria for Information Technology Security
Evaluation (CC) with extensions as defined in the Controlled Access Protection
Profile (CAPP). |
Read the PDF
|
| "RHEL3 EAL3 FSP Cross Reference" | Aug 2004 | This constitutes the Functional Specification for Red Hat Linux Enterprise 3
Update 2 AS and WS. |
Read the PDF
|
| "RHEL High Level Design Version 1.3" | Aug 2004 | This document is the High Level Design (HLD) for the Red Hat Enterprise
Linux Advanced Server (RHEL AS) and Red Hat Enterprise Linux Work Station
(RHEL WS) Version 3 Update 2 operating system. This document summarizes the
design and Target of Evaluation Security Functions of the Red Hat Enterprise
Linux operating system. Used within the Common Criteria evaluation of Red Hat
Enterprise Linux at Evaluation Assurance Level (EAL) 3 it describes the
security functions defined in the Common Criteria Security Target document. |
Read the PDF
|
| "EAL3 Evaluated Configuration Guide for Red Hat Enterprise Linux" | Aug 2004 | This document is a security guide that explains how to set up the evaluated
configuration, and provides information to administrators and ordinary users
to ensure secure operation of the system. |
Read the PDF
|
| "Achieving CAPP/EAL3+ Security Certification for Linux" | Jul 2004 | Written by Doc Shankar (IBM), Emily Ratliff (IBM), and Olaf Kirch (SUSE).
Presented at the 2004 Ottawa Linux Symposium. |
Read the PDF
|
| "Demands, Solutions, and Improvements for Linux Filesystem Security" | Jul 2004 | Presented by Michael Halcrow at the 2004 Ottawa Linux Symposium. |
Read the presentation (PDF)
Read the PDF
|
| "Modular Construction of DTE Policies" | Jul 2004 | Written by Serge E. Hallyn (IBM) and Phil Kearns (College of William and
Mary) and presented at the 2004 USENIX Tech conference. |
Read the paper
|
| "Advances in Linux Security: The Linux Security Modules Project" | May 2004 | Presented by Emily Ratliff at the SecureWorld Expo conference in August
2003. |
Read the presentation (PDF)
|
| "New Advances in Spam Fighting Techniques" | May 2004 | Presented by Emily Ratliff at the SecureWorld Expo conference in August
2003. |
Read the presentation (PDF)
|
| "Best of Breed Open Source Security Tools" | May 2004 | Presented by Emily Ratliff at the SecureWorld Expo conference in August
2003. |
Read the presentation (PDF)
|
| "Linux security solutions for businesses on IBM eServer xSeries" | Apr 2004 | Published May 2003. |
Read the white paper (PDF)
|
| "The State of Linux Security" | Apr 2004 | Written by Doc Shankar. Presented at LinuxWorld Conference and Expo in the
Fall of 2003. Updated in April 2004. |
Read the PDF
|
| "Linux on zSeries Security White Paper" | Apr 2004 | Written by Ingolf Salm and Peter Spera. Published March 2004. |
Read the white paper (PDF)
|
| "Choosing Secure Platforms in the Enterprise" | Apr 2004 | Comparing Linux and Windows security head-to-head. Written by the Robert
Francis Group, Inc. |
Read
the PDF
|
| "Certifying Open Source - The Linux Experience" | Apr 2004 | Presented at a IEEE conference in 2003. |
Read the PDF
|
| "SELinux Thoughts/Direction" | Apr 2004 | Presented by Doc Shankar and Trent Jaeger at LinuxWorld Conference and Expo
2004 New York in January 2004. |
Read the PDF
|
| "Evaluating and Certifying Open Source - The Linux Experience" | Apr 2004 | Presented by Doc Shankar (IBM) and Helmut Kurth (atsec information security
GmbH) at the ICCC 2003 conference. |
Read the PDF
|
| "SuSE Linux Enterprise Server V8 EAL3 Testcase Mapping Spreadsheet" | Feb 2004 | The testcase mapping document links the Linux security relevant syscalls and
functions to the relevant testcases. It also indicates which IBM platforms the
tests run on. |
Read the PDF
|
| "SLES 8 EAL3 FSP Cross Reference" | Feb 2004 | This is the EAL3 Functional Specification for SuSE Linux Enterprise Server
version 8. This document has been updated as of March 16, 2004. |
Read the PDF
|
| "SLES 8 EAL3 Security Target" | Jan 2004 | This is version 2.7 of the Security Target document for the evaluation of
SuSE Linux Enterprise Server Version 8 with Service Pack 3 and the
certification-sles-eal3.rpm package. |
Read the PDF
|
| "SLES EAL3 High Level Design 2.25" | Jan 2004 | This document summarizes the design and Target of Evaluation Security
Functions of the SuSE Linux Enterprise Server (SLES) Operating System version
8 with Service Pack 3. This document is used within the Common Criteria
evaluation of SLES at Evaluation Assurance Level (EAL) 3 and describes the
security functions defined in the Common Criteria Security Target document. |
Read the PDF
|
| "SLES EAL3 Security Guide" | Jan 2004 | This document is a security guide that explains how to set up the evaluated
configuration, and provides information to administrators and ordinary users
to ensure secure operation of the system. It was written by Klaus Weidner of
atsec. |
Read the PDF
|
| "SLES 8 EAL2 FSP Cross Reference" | Aug 2003 | This is the EAL2 Functional Specification for SuSE Linux Enterprise Server
version 8. |
Read the PDF
|
| "SLES EAL2 High Level Design 1.10" | Aug 2003 | This document summarizes the design and Target of Evaluation Security
Functions of the SuSE Linux Enterprise Server (SLES) Operating System version
8. This document is used within the Common Criteria evaluation of SLES at
Evaluation Assurance Level (EAL) 2 and describes the security functions
defined in the Common Criteria Security Target document. |
Read the PDF
|
| "SLES 8 EAL2 Security Target" | Aug 2003 | This security target documents the security characteristics of the SuSE
Linux Enterprise Server operating system (Official name: SuSE Linux Enterprise
Server Version 8) with the certification-sles-eal2.rpm package. |
Read the PDF
|
| "SLES EAL2 Security Guide" | Aug 2003 | This document is a security guide that explains how to set up the evaluated
configuration to meet Common Criteria guidelines, and provides information to
administrators and ordinary users to ensure secure operation of the system. It
was written by Klaus Weidner of atsec. |
Read the PDF
|
| "IBM Linux Security Direction & Activities" | Aug 2002 | Presented by Doc Shankar at LinuxWorld Expo. |
Read the PDF
|
| "Migrating Applications to OpenSSL: The Basics" | Aug 2002 | Presented by Steven Bade at LinuxWorld Expo. |
Read the PDF
|
| "IBM Linux Security Direction & Activities" | Jul 2002 | Presented by Doc Shankar at the Fall Linux World Conference and Expo 2002. |
Download zip
|
| "IBM LTC Security" | Jan 2002 | Discussion of what IBM is doing to improve Linux security. Presented at
LinuxWorld Expo by Emily Ratliff. |
Read the PDF
|
| "Security Requirements for the Deployment of the Linux Kernel in Enterprise
Systems" | Jan 2002 | Written by Trent Jaeger, David Safford, and Hubertus Franke of the IBM T.J.
Watson Research Center. |
Read the PDF
|
| "Linux Security for the Enterprise: Executive Summary" | Jan 2002 | Written by Trent Jaeger, David Safford, and Hubertus Franke of the IBM T.J.
Watson Research Center. |
Read the PDF
|
