Trusted Computer builds secure Linux operating system

By Bernard Cole
iApplianceWeb
(09/20/04, 2:31:32 PM GMT)

Herndon, Va. – Despite naysayers who think that Linux cannot be made secure,  Trusted Computer Solutions, Inc. (TCS) is building its Trusted Linux platform, what it believes will be the world's first commercially available multilevel-secure (MLS) Linux operating system. 

With beta testing now beginning, Edward Hammersla, chief operating officer at TCS said its Trusted Linux will be a key software component of a "trusted computing base" -- a rigorously vetted system of software, hardware and firmware that together correctly enforces a unified security policy. TCS Trusted Linux is expected to be available for purchase, with evaluation and accreditation processes underway, in early 2005. 

Hammersla said Trusted Linux will serve as the foundation for the company's SecureOffice suite of secure applications, designed to meet a level of security that is now required by the federal government and a growing number of commercial entities in the critical infrastructure protection sectors.

“TCS Trusted Linux is designed to accommodate the real-world needs of government and commercial IT managers, incorporating ease-of-use features that will make it far simpler to learn, less difficult to use and less cumbersome to administer than traditional trusted operating systems,” he said.

"Trusted Linux is a giant leap forward for advancing the security and simplifying the sharing of sensitive information across differing security domains while, at the same time, automating and enforcing the most stringent security policies.  

"This is a huge improvement over manual and unaudited methods of sharing information -- or worst case, not sharing information at all."  

It is targeted for certification under the US Common Criteria Evaluation and Validation Scheme at Evaluation Assurance Level 4 (EAL4). The Common Criteria is an international standard used to specify security functionality and assurance requirements for information systems and products. EAL4 is the highest assurancelevel ever targeted for a Linux OS.  

“EAL4 and higher levels are attained by very few operating systems, some of which require custom or specialized hardware,” he said, unlike its Trusted Linux which he claims is designed to run on technology from Intel and on standard, commercially available hardware platforms from leading vendors such as Dell, HP, IBM, Silicon Graphics and Sun Microsystems.  

The company is basing its Trusted Linux on the National Security Agency's SELinux, will incorporate the security functionality defined in three protection profiles recognized by Common Criteria: Labeled Security Protection Profile (LSPP), Controlled Access Protection Profile (CAPP) and Role-Based Access Control Protection Profile (RBAC).  

For more information, go to www.trustedcs.com.

For more information about topics, issues and technologies mentioned in this story go to the flashing icon in the upper left corner on any page or go to  the iAppliance Web Views page and call up the associatively-linked Java/XML-based Web map of the iApplianceWeb site.

Enter the appropriate key word, product or company name to list instantly every news and product story, product review and product database entry relating to the topic since the beginning of the 2002.