{"product_id":4031,"v_id":4031,"product_name":"Cray UNICOS/mp Operating System Version 2.4.15 on Cray X1 hardware ","certification_status":"Not Certified","certification_date":"2004-08-30T00:08:00Z","tech_type":"Operating System","vendor_id":{"name":"Cray, Inc.","website":"www.cray.com"},"vendor_poc":"Peter Rigsbee","vendor_phone":"651.605.9167","vendor_email":"par@cray.com","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p>The Cray UNICOS/mp Operating System and X1 hardware represent a complete operating system product provided by Cray Inc. </p>\r\n<p>The Cray UNICOS/mp Operating System Version 2.4.15 on Cray X1 hardware TOE consists of several components, both hardware and software. The hardware is grouped into three sections: the Cray X1 mainframe, the Cray X1 I/O architecture, and the Cray X1 support system. The software is composed of the UNICOS/mp operating system that runs on the Cray X1 mainframe. The following components run in the I/O architecture, the Cray Programming Environment Server (CPES), Cray Network Subsystem (CNS), and support system sections (Cray Workstation, CWS), but are not included within the scope of the TOE. </p>\r\n<p>The primary hardware component is the Cray X1 mainframe itself, which is composed of nodes. A node is a group of 4 processors and shared memory, along with 4 high-bandwidth interconnection modules (SPC I/O Ports). Multiple nodes can be interconnected with a minimum of 2 nodes required to create a useable Target of Evaluation (TOE). Interconnected multiple nodes provide shared processing capacity and memory across all nodes. </p>\r\n<p>The UNICOS/mp operating system that runs on the mainframe is based upon IRIX 6.5, optimized for use on Cray X1 hardware. The UNICOS/mp operating system provides for separate hardware modes of operation, having kernel and user modes, and a number of security functions (summarized below). 
</p>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the Cray TOE meets the security requirements contained in the Security Target - Cray UNICOS/mp Operating System Version 2.4.15 on Cray X1 hardware Security Target, version 0.6, July 19, 2004. </p>\r\n<p>The criteria against which the Cray TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. Science Application International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the Cray TOE is EAL 2 augmented with ALC_FLR.1. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target. </p>\r\n<p>A Validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in August 2004. Results of the evaluation and associated validation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report. </p>","environmental_strengths":"<p>The Cray TOE provides user data protection, identification and authentication, security management, and TSF protection features as they relate to securely supporting simultaneous users in an operating system. </p>\r\n<p><em>User Data Protection</em><strong>: </strong>The UNICOS/mp operating system enforces a discretionary access control (DAC) policy on all subjects and objects. Discretionary Access Control (DAC) is the access control mechanism by which a person who created an object can choose to grant a specific type of access to another user or group of users. 
Access to objects is controlled based solely on the identity of the user and the identity of the object. The implementation of a DAC policy is accomplished by the association of attributes that are specific to the type of object (also called resource). Access to the resource then initiates a check of the attributes to determine whether and what type of access is granted to the resource. </p>\r\n<p><em>Identification and Authentication</em><strong>: </strong>Identification and Authentication security functions provided by the UNICOS/mp operating system relate primarily to user attributes and authentication. Through the provided security management functions (see next section), an administrator is able to create a user and associate various attributes to that account. These attributes can include items such as authentication data, and group memberships. Based upon the associated attributes, a user can then authenticate to the UNICOS/mp operating system, and access resources for which access has been granted. </p>\r\n<p>The UNICOS/mp operating system also provides system security by not allowing any actions to be taken on the system without a successful user authentication, ensuring that only authorized users have access to the resources of the TOE. In addition, all actions are bound to a user, preventing users from interfering with or accessing each other's work and/or resources. </p>\r\n<p><em>Security Management</em><strong>: </strong>The UNICOS/mp operating system provides a collection of tools for authorized administrators to manage user accounts and data. These include tools for the management of authentication data, as well as user tools for the self-management of passwords. The UNICOS/mp operating system also provides tools for the creation and management of DAC policies, allowing authorized administrators to manage ACLs and permission bits of files, directories and other resources. The UNICOS/mp operating system provides the role of root for the authorized administrator. 
</p>\r\n<em>Protection of the TSF</em><strong>: </strong>The UNICOS/mp operating system and associated hardware protect themselves by assuring that the security policies are always enforced, providing a basis for all other security functionality, including domain separation, which prevents untrusted processes from interfering with the TOE. This ensures that kernel mode processes cannot be tampered with by untrusted processes (such as user processes).\r\n<p><br />\r\n</p>","features":[]}