The terms CC, CAPP and EAL4+ come up often in AIX security discussions. This article discusses them from an AIX perspective. Let’s understand what exactly CC, CAPP and EAL4+ are.
What is CC
CC is Common Criteria. It is an ISO 15408 standard for assurance evaluation of IT products. Any system evaluated according to Common Criteria is a CC-evaluated system.
What is CAPP
CAPP is Controlled Access Protection Profile, another standard for evaluating the security of a system according to Common Criteria (CC). So, a CAPP-compliant system is one that is designed to meet CAPP according to CC.
What is LSPP
LSPP is Labeled Security Protection Profile. LSPP has further security restrictions and is available for installation with “Trusted AIX” only.
What is EAL4+
EAL4+ is Evaluation Assurance Level 4. Any CAPP system is called a CAPP/EAL4+ system. EAL4+ puts some restrictions on software installation during Base Operating System (BOS) install. Network access is also restricted according to these standards. The other profile available is LSPP/EAL4+.
If a system is evaluated according to CC, the evaluation remains valid only as long as the specific hardware/software configuration of the system is unchanged. Making any change to the configuration puts the system in a non-evaluated state. That simply means that the system is no longer certified. This does not necessarily mean that the system is in a non-secure configuration.
The CAPP/EAL4+ technology option is available only if:
- Installation is set to New and Complete Overwrite.
- The 64-bit kernel is being used.
- The English language is used.
- JFS2 is enabled.
After setting CAPP/EAL4+, TCB is automatically set to ‘Yes’.
These topics are discussed in full detail in the book SC23-6603-00. The book is available for free download from the Redbooks website.