Short Name: PP_OS_LS_V1.b (previously LSPP_V1.b)

Technology Type: Operating System

Version: 1.b

Date: 8 October 1999

Conformance Claim: EAL 3

Protection Profile :

Validation Report:

Sunset Date: 16 Septemeber 2007, replaced by Protection Profile for Multi-level Operating Systems in Environments Requiring Medium Robustness, Version 1.91

Related Profiles:

Key Words: access control, discretionary access control, general-purpose operating system, information protection, labels, mandatory access control

Please forward any questions or comments to pp-comments@niap-ccevs.org

PP Overview

Herewith a brief summary, sufficiently detailed to enable a potential user to detemine whether the PP is of interest.

The Common Criteria (CC) Labeled Security Protection Profile, hereafter called LSPP_V1.b, specifies a set of security functional and assurance requirements for Information Technology (IT) products. LSPP_V1.b-conformant products support access controls that are capable of enforcing access limitations on individual users and data objects. Specifically, two classes of access control mechanisms are provided: those that allow individual users to specify how resources (e.g., files, directories) under their control are to be shared; and those that enforce limitations on sharing among users. The latter is implemented by the use of security markings (i.e., “labels”). LSPP_V1.b-conformant products also provide an audit capability which records the security-relevant events which occur within the system.

The LSPP_V1.b provides for a level of protection which is appropriate for an assumed non-hostile and well-managed user community requiring protection against threats of inadvertent or casual attempts to breach the system security. The profile is not intended to be applicable to circumstances in which protection is required against determined attempts by hostile and well funded attackers to breach system security. The LSPP_V1.b does not fully address the threats posed by malicious system development or administrative personnel. LSPP_V1.b-conformant products are suitable for use in both commercial and government environments.

The LSPP_V1.b was derived from the requirements of the B1 class of the U.S. Department of Defense (DoD) Trusted Computer System Evaluation Criteria (TCSEC), dated December, 1985, and the material upon which those requirements are based. This protection profile provides security functions and assurances which are equivalent to those provided by the TCSEC and replaces the requirements used for B1 trusted product evaluations.

The LSPP_V1.b is generally applicable to distributed systems but does not address the security requirements which arise specifically out of the need to distribute the resources within a network.

Strength of Environment

The LSPP_V1.b is for a generalized environment with a moderate level of risk to the assets. The assurance requirements and the minimum strength of function were chosen to be consistent with that level of risk.

The assurance level is EAL 3 augmented and the minimum strength of function is SOF-medium.