gov't certified "secure" Unix

Doug Gwyn gwyn at smoke.BRL.MIL
Wed Jul 19 16:52:15 AEST 1989


In article <310 at pwa-b.UUCP> miorelli at pwa-b.UUCP (BoB Miorelli) writes:
>Are any Unix systems certified as `secure' by the government?  I'm
>looking for versions and level of security (such as C2, B1, etc.)

NCSC has rated a special version of Gould's UTX/32 at the C2 level.
AT&T's System V/MLS Release 1.1 is currently being evaluated at the
B1 level and may be certified this fall.
Trusted Information Systems's Secure Xenix Version 1.1 is also under
evaluation, for level B2, but will probably not be certified until
mid-1990.

System V/MLS was being demonstrated at the recent USENIX conference
in Baltimore.  It looked really nice, and has one additional feature
that made my mouth water:  An attached 630 MTG terminal was
downloaded with trusted software that maintained multiple window
layers AT DIFFERENT SECURITY LEVELS and properly constrained the
otherwise free transfer of information among them by the terminal's
built-in mouse-driven text editing features.

I hope that in the not too distant future, MLS features will be
provided as configurable options packaged with the standard AT&T
UNIX source releases.  There are corporate uses for enforced security
levels outside the government/military.



More information about the Comp.unix.questions mailing list