Compliant Product - Red Hat Enterprise Linux 8.2
Certificate Date: 2022.03.09CC Certificate Security Target Validation Report
Validation Report Number: CCEVS-VR-VID11202-2022
Product Type: Operating System
Conformance Claim: Protection Profile Compliant
PP Identifier: Protection Profile for General Purpose Operating Systems Version 4.2.1
Extended Package for Secure Shell (SSH) Version 1.0
CC Testing Lab: Acumen Security
The TOE itself does not have physical boundaries; however, the TOE was evaluated on the following hardware:
The Xeon Silver 4200 series processors are 2nd Generation Intel® Xeon® Scalable Processors and implement the Cascade Lake microarchitecture.
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Red Hat Enterprise Linux was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5. Acumen Security determined that the evaluation assurance level (EAL) for the product is EAL 1. The product, when delivered configured as identified in the Red Hat Enterprise Linux 8.2 CC Guidance, satisfies all of the security functional requirements stated in the Red Hat Enterprise Linux 8.2 Security Target. The project underwent CCEVS Validator review. The evaluation was completed in March 2022. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
The TOE provides the security functionality required by [GPOSPP] and [SSHEP].
The TOE generates and stores audit events using the Lightweight Audit Framework (LAF). The LAF is designed to be an audit system making Linux compliant with the requirements from Common Criteria by intercepting all system calls and retrieving audit log entries from privileged user space applications. The framework allows configuring the events to be recorded from the set of all events that are possible to be audited. Each audit record contains the date and time of event, type of event, subject identity, user identity, and result (success/fail) of the action if applicable.
The TOE provides a broad range of cryptographic support; providing SSHv2 and TLSv1.2 protocol implementations in addition to individual cryptographic algorithms.
The cryptographic services provided by the TOE are described below:
Table 1 TOE Cryptographic Protocols
The TOE includes the OpenSSL cryptographic library. Each cryptographic algorithm has been validated for conformance to the requirements specified in their respective standards as identified below:
The OpenSSL library provides the TLS Client function. The OpenSSL library also provides the cryptographic algorithms for the SSH Client, SSH Server, trusted update, and secure boot security functions.
User Data Protection
Discretionary Access Control (DAC) allows the TOE to assign owners to file system objects and Inter-Process Communication (IPC) objects. The owners are allowed to modify Unix-type permission bits for these objects to permit or deny access for other users or groups. The DAC mechanism also ensures that untrusted users cannot tamper with the TOE mechanisms.
The TOE also implements POSIX Access Control Lists (ACLs) that allow the specification of the access to individual file system objects down to the granularity of a single user.
Identification and Authentication
User identification and authentication in the TOE includes all forms of interactive login (e.g. using the SSH protocol or log in at the local console) as well as identity changes through the su or sudo command. These all rely on explicit authentication information provided interactively by a user.
The authentication security function allows password-based authentication. For SSH access, public-key-based authentication is also supported.
Password quality enforcement mechanisms are offered by the TOE which are enforced at the time when the password is changed.
The security management facilities provided by the TOE are usable by authorized users and/or authorized administrators to modify the configuration of TSF.
Protection of the TSF
The TOE implements self-protection mechanisms that protect the security mechanisms of the TOE as well as software executed by the TOE. The following self-protection mechanisms are implemented and enforced:
The TOE displays informative banners before users are allowed to establish a session.
The TOE supports TLSv1.2 and SSHv2 to secure remote communications. Both protocols may be used for communications with remote IT entities. Remote administration is only supported using SSHv2.
Red Hat, Inc.
+420 532 294 645