Secure Linux OS expected in early 2005

Secure Linux OS expected in early 2005

Agencies can expect a commercial version of Linux that meets government requirements for handling classified material to hit the market early next year.

Trusted Computer Solutions Inc. of Herndon, Va., expects to begin beta-testing Trusted Linux this fall. TCS plans to seek Common Criteria certification at Evaluation Assurance Level 4, chief operating officer Edward Hammersla said.

'The only game in town right now that achieves that level of assurance is Trusted Solaris,' he said.

The Solaris operating system runs on hardware from Sun Microsystems Inc. 'There is a growing need in the government for having this level of security on the Intel platform,' Hammersla said.

Trusted Linux will run on standard PC platforms.

The trusted version of the open-source OS will automate and enforce stringent security policies to achieve multilevel security, enabling top-secret and below interoperability. It will be based on the kernel from the National Security Agency's Security Enhanced Linux project.

'We're fleshing out all of the functionality requirements needed for MLS,' Hammersla said.

The TCS software will incorporate security functionality specified in Director of Central Intelligence Directive 6/3. The specifications are defined in the Labeled Security Protection Profile, Controlled Access Protection Profile and the Role-based Access Control Protection Profile.

The OS will be evaluated against these profiles for Common Criteria certification.

Common Criteria evaluation is required for security products used in national security systems, but government customers can begin buying and using the software with a commitment from the vendor that the product will undergo evaluation.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.