NIAP: Archived U.S. Government Approved Protection Profile - Protection Profile for Multi-Level Operating Systems in Environments R...
NIAP/CCEVS

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help
  NIAP  »»  Protection Profiles  »»  Archived PPs  »»  Details  
Archived U.S. Government Approved Protection Profile - Protection Profile for Multi-Level Operating Systems in Environments Requiring Medium Robustness, Version 1.22

Short Name: pp_os_ml_mr_v1.22

Technology Type: Operating System

CC Version: 2.x

Date: 2001.05.23

Sunset Date: 2007.09.16 [Sunset Icon]

Conformance Claim: EAL4 Augmented

Protection Profile [PDF]

Validation Report [PDF]


 

PP OVERVIEW

Herewith a brief summary, sufficiently detailed to enable a potential user to detemine whether the PP is of interest.


The .Protection Profile for Multilevel Operating Systems in Environments Requiring Medium Robustness. specifies security requirements for commercial-off-the-shelf (COTS) general- purpose multilevel operating systems in networked environments containing sensitive information1. This profile makes use of Department of Defense (DoD) Information Assurance (IA) guidance and policy as a basis to establish the requirements necessary to achieve the security objectives of the Target of Evaluation (TOE) and its environment. Operating systems evaluated against this PP will associate sensitivity labels with all objects and all its users will have an associated clearance level identifying the maximum security level of data that they may access. Operating systems evaluated against this PP can operate in the following multilevel environments:

  • Processing data up to the Secret level with uncleared authorized users.
  • Processing data up to the Top Secret level with minimum user clearances of Secret.
  • Processing data up to the Top Secret/Sensitive Compartmented Information (TS/SCI) level with minimum user clearances of Top Secret.

PP conformant systems may be suitable for use in non-DoD environments. The mechanisms specified by this PP may be appropriate for the protection of administrative, private, and sensitive information. When a companys most sensitive information is to be sent over a publicly accessed network, the company should apply additional protection at the network boundaries.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

This U.S. Government Approved Protection Profile does not have any related Technical Decisions

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).

Please forward any general questions to our Q&A tool.

 
Site Map              Contact Us              Home