Information Technology Reference
In-Depth Information
Figure 6.7
Structure of a System with Solaris 8 Containers and Solaris 9 Containers
Some data center workloads require or benefit from strict compartmentaliza-
tion of different categories of data and users. This statement has been true for
certain government organizations for decades, but in recent years governments
have required that corporations protect data in new ways. Some users are allowed
access to only one category of data, whereas other users need access to multiple
categories.
In the past, government and corporate organizations have used customized
versions of operating systems, such as Trusted Solaris 8. That functionality was
integrated into Solaris 10 as a feature set that can simply be enabled or disabled.
The feature set that provides this strict compartmentalization is called Oracle
Solaris 10 Trusted Extensions.
As mentioned earlier, Trusted Extensions achieved Common Criteria Certification
for the Labeled Security Protection Profile (LSPP) at Evaluation Assurance Level
(EAL) 4+, the highest commonly recognized global security certification. This
achievement allows Solaris 10 to be deployed when multilevel security (MLS) pro-
tection and independent validation of an OS security model is required. Solaris
10 achieved this certification for SPARC and x86-based systems, for both desk-
top and server functionality, and also received Common Criteria Certification for
the Controlled Access Protection Profile (CAPP) and Role-Based Access Control
Protection Profile (RBACPP). Because of this certification, you can deploy systems
Search WWH ::
Custom Search