{"product_id":4001,"v_id":4001,"product_name":"IRIX version 6.5.13, with Patches 4354, 4451, and 4452","certification_status":"Not Certified","certification_date":"2002-04-30T00:04:00Z","tech_type":"Operating System","vendor_id":{"name":"Silicon Graphics, Inc.","website":null},"vendor_poc":null,"vendor_phone":null,"vendor_email":null,"assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p>The evaluated IRIX system is a system of Silicon Graphics, Inc. (SGI) Origin 200 workstations and the Origin 3000 servers connected via an Ethernet. These UNIX-based multi-user, multi-tasking workstations provide high-performance, general-purpose computing in a reduced instruction set computer (RISC) workstation environment. The processor of the IRIX system workstation and server is the SGI MIPS R12000.</p>\r\n<p>The SGI Origin 3000 Series is a family of modular computer server systems. The various internal components of the various SGI Origin 3000 servers and their functions are divided into separate units called &quot;bricks.&quot; These bricks are housed in short or tall rack enclosures. </p>\r\n<p>The SGI Origin200 workstation is a multiprocessor system that consists of one or two chassis, which are called modules. The Origin200 GIGA channel uses an additional chassis to provide four extra PCI slots and five XIO slots. Each Origin200 system ships from SGI in either a tower (free-standing) or rack mountable configuration. </p>\r\n<p>IRIX supports discretionary access controls (DAC) to restrict accesses; an identification and authentication capability to mediate and validate requests for entry into the system; and an audit trail capability.</p>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. 
The evaluation demonstrated that SGI IRIX Version 6.5.13 with patches 4354, 4451, and 4452 meets the security requirements contained in the Security Target. The criteria against which the SGI IRIX Version 6.5.13 was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1 and National and International Interpretations effective on November 21, 2000. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is EAL 3. The product, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target. Four validators on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in May 2002. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-02-0019, dated 30 April 2002), prepared by CCEVS.</p>","environmental_strengths":"<p>IRIX is a commercial UNIX operating system that provides identification and authentication, DAC, an audit capability, and object reuse. The IRIX kernel is responsible for providing memory management, process management, a consistent interface to system hardware, and mediating access to protected resources. IRIX includes an additional DAC facility, Access Control Lists (ACLs) for files and directories. The ACL is an optional component of the DAC policy and is used to provide more fine-grained protection than the group permissions. </p>\r\n<p>IRIX supports multiple file system types in a manner transparent to the user. 
They include the IRIX eXtended File System (XFS) high-performance file system; the Network File System (NFS) for files stored on remote disks; and the Debug File System (DBG), a pseudo-file system in which a running process is represented as a file. All the IRIX file systems are organized into a traditional UNIX-like hierarchy with files as nodes. Non-leaf files are directories, special files that contain references to other files. All files can be identified by their place in the hierarchy, i.e., their pathname. Associated with every file is a set of attributes. These attributes include the file owner, a set of users that are assigned access rights to the file as a group, and information that specifies the access rights of the owner, group, and all other system users. Each of these is an IRIX protected resource. </p>\r\n<p>The IRIX kernel provides a variety of other mechanisms for interprocess communication. These include traditional UNIX mechanisms such as the pipe; System V mechanisms such as shared memory, semaphore sets, and message queues; and BSD TCP/IP sockets. IRIX protects the interprocess communications just listed. The IRIX DAC policy is implemented with permission bits and ownership in the traditional UNIX manner. The IRIX system is a distributed system and supports a range of network protocols and services. The evaluated configuration supports the TCP/IP and RPC protocols, and the ftp, rlogin, rsh, and telnet services. </p>\r\n<p>All workstations in the IRIX system share the same identification and authentication (I&amp;A) database. A user information file, not visible to ordinary users, contains authentication and DAC related data. Other I&amp;A related information is placed in files that are linked to the standard UNIX passwd file and group file. </p>\r\n<p>The IRIX system supports a set of distinct capabilities, which can be granted and relinquished through a set of inheritance rules. 
The mechanism is an implementation of POSIX P1003.1eD17 capabilities. </p>\r\n<p>Audit records of security-relevant events are generated on each workstation of the IRIX system. These records contain the initial login identifier of the user who initiated the audited event. IRIX commands allow the system administrator to selectively audit events. SGI provides tools to reduce the audit logs for analysis. </p>\r\n<p>IRIX supports the UNIX setuid and setgid mechanisms that allow a process to run with the UID or GID of the owner or owning group of the invoked file. Some IRIX special user identifiers own IRIX programs, and IRIX uses the setuid mechanism so that processes invoking these programs assume the special identity. For example, processes in the print subsystem always run with the user identifier of lp. Likewise, IRIX uses the setgid mechanism to cause processes that invoke programs to run as a member of root's group sys. Being a member of that group allows the process access to files to which the invoking user would not otherwise have access. </p>","features":[]}