openPR Logo
Press release

atsec information security Evaluates IBM AIX 5.2 at Common Criteria LSPP/EAL4+

05-18-2006 09:44 AM CET | IT, New Media & Software

Press release from: atsec information security corporation

First-ever LSPP AIX product evaluation

atsec information security is pleased to announce completion of the first-ever Labeled Security Protection Profile (LSPP) Common Criteria evaluation of the AIX operating system. IBM AIX 5.2 maintenance level 05 (AIX 5200-05) was successfully evaluated at evaluation assurance level (EAL) 4 augmented by ALC_FLR.1, compliant with LSPP. LSPP defines requirements for products supporting access controls that are capable of enforcing access limitations on individual users and data objects.

AIX 5200-05 was certified by the Bundesamt für Sicherheit in der Informationstechnik (BSI). The operating system is certified on IBM Power series p520, p570, and p595 servers. IBM sponsored the evaluation effort.
In addition to verifying LSPP compliance, the evaluation marks the first examination of enhanced access control mechanisms implemented in AIX. In addition to the standard discretionary access control (DAC) and mandatory access control (MAC) mechanisms defined by LSPP requirements, AIX 5200-05 implements these new mechanisms:

– mandatory integrity control (MIC)
– trusted computing base (TCB)
– advanced security networking (ASN)
– privileges and authorizations (splits root privileges into a set of privileges relevant to the kernel and authorizations relevant to the user space)

Of course, operating system evaluations are always demanding, but because of the additional access control mechanisms implemented in AIX 5200-05, this evaluation was particularly complex. Stephan Mueller, atsec Lead Evaluator for the project notes: “Because AIX 5200-05 LSPP includes radically different access control functionality from earlier AIX versions, just defining the requirements within the context of the Common Criteria model took a creative approach”.

In fact, atsec information security is the world leader in Common Criteria evaluation of operating systems. Operating system evaluation is the greatest test of competence in the field, and atsec continues to earn its reputation as the world leader in this sphere. Helmut Kurth, atsec Chief Scientist, notes: “Of the 42 successful operating system evaluations performed world-wide as listed on the official Common Criteria Portal web site (, 22 were performed by atsec.”

About atsec information security
atsec information security is an independent, standards-based IT (information technology) security consulting and evaluation services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec launched its U.S. business in May 2003, building on extensive success in Europe dating back to 2000. atsec leverages its deep security, process, and standards expertise to consult on a wide range of IT security needs, enabling clients to establish integrated security management procedures in order to manage security risk and improve data, product, and business process reliability. atsec works with leading global companies such as IBM, HP, BMW, SGI, Swisscom, RWE, and Vodafone. For more information, please visit

Media Contact:
Andreas Fabis
atsec information security corporation
(512) 615-7317

atsec information security corporation
9130 Jollyville Road, Suite 260
78759 Austin, TX

Phone: +1-512-615-7300
Telefax: +1-512-615-7301

This release was published on openPR.

Permanent link to this press release:

Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.

You can edit or delete your press release atsec information security Evaluates IBM AIX 5.2 at Common Criteria LSPP/EAL4+ here

News-ID: 9165 • Views:

More Releases from atsec information security corporation

The Vatican signs the ISO/IEC 15408 International Recognition Arrangement (I^2RA …
Recognizing the need for secure IT products in all regions of the world, and in support of an internationally agreed Arrangement allowing for the mutual recognition of independently evaluated and validated information technology (IT) products, the Vatican has decided to sign the ISO/IEC 15408 International Recognition Arrangement (I^2RA) and has started to validate the security evaluations of IT products. The I^2RA was established in 1996 and was used as the basis
atsec offers Recognized Assessor services for the Open Trusted Technology Provider™ Standard Accreditation Program
atsec offers Recognized Assessor services for the Open Trusted Technology Provid …
atsec is one of the initial Recognized Assessor companies(i) accredited for the Open Trusted Technology Provider™ Standard Accreditation Program which was announced today during The Open Group(ii) conference in San Francisco, CA. This accreditation program provides the opportunity for technology integrators and their suppliers throughout the global supply chain, to demonstrate conformance to the O-TTPS standard. atsec has participated in the industry-led Open Group Trusted Technology Forum since the forum's formation
Call for papers: International Cryptographic Module Conference 2013
This first ICMC aims to bring together experts from around the world to confer on the topic of cryptographic modules, with emphasis on their secure design, implementation, assurance, and use, referencing both new and established standards such as FIPS 140-2 and ISO/IEC 19790. We are focused on attracting participants from the engineering and research community, test laboratories, government organizations, the procurers, deployers and administrators of cryptographic modules and academia. Our program
atsec makes Third Party Auditor agreement with NASPO
atsec makes Third Party Auditor agreement with NASPO
Austin, TX – atsec information security is pleased to announce its affirmation as a third party auditor for the North American Security Products Organization (NASPO). In this role, atsec has completed the necessary training from NASPO and will conduct audits required to attain certification under the ANSI/NASPO-SA-2008 standard. NASPO was founded in 2002 by companies and individuals in the security products industry who recognized the need for the control of

All 4 Releases

More Releases for AIX

AIX Cloud Hosting - AIX 7.2 TL4 now available at is announcing the availability of AIX 7.2 TL4 in our IBM Power Cloud environment. has offered AIX Cloud Hosting since 2008 and was the first to develop this capability. AIX LPARs/VMs can be ordered directly from our web site at and are automatically deployed in about 10 minutes from the time an order is placed, NO WAITING days or weeks for your order to be fulfilled. Site Ox
Corn Thresher Market Analysis Focuses on Innovations & Opportunities Experienced …
The demand for corn threshers have increased tremendously over the last two decades due to the ease of usability rather than hand plucking corn. However, adapting to existing alternatives of using corn threshers to shell corn, which is often unaffordable and difficult to obtain for subsistence farmers. Furthermore pedal-powered devices are difficult to transport to several users. As a result, several farmers would require to travel long distances to process
XinFin Partners With AiX, A Leading AI Trading Platform Backed By Major Regulate …
XinFin Network, an open source enterprise-friendly hybrid blockchain platform has partnered with London-based AiX, a leading AI Trading Platform backed by a FINRA-registered Wall Street Brokerage Firm. AiX has a team of experienced inter-dealer brokers holding FINRA Series 7, 63, 55 and 24 designations in the US in addition to FCA registrations in the UK. As a part of this partnership, XinFin will extend its platform and technology to AiX for
“Future Innovations by Schüschke” at the AIX 2018
Kirchentellinsfurt, 05 March 2018 – From 10th to 12th of April 2018, Schüschke will be exhibiting in Hall B7 at stand 7A29 at the Aircraft Inte-riors Expo (AIX) in Hamburg. The processor of the solid surface material Varicor®, used in the aircraft industry, gives an insight into its latest prod-uct developments. Schüschke will be reflecting the trade fair motto "Future Innovations" with promising new developments: Visitors can look forward to
Bühler Motor and Dornier Technologie present PAXCOM at AIX Hamburg
Nuremberg, March 19, 2014 – Experience the future of integrated actuation for Business- and First-Class seats live, as presented by Bühler Motor and Dornier Technologie at the Aircraft Interiors Expo Hamburg trade fair. The system is called PAXCOM and this will be its premiere among discerning industry visitors looking for new seat actuation alternatives. PAXCOM, which stands for maximum passenger comfort with low weight and lower system costs. And the additional benefit
New Juvenile Products Lab opened by SGS in Aix En Provence, France
The new facility in France is expected to cater for a wide spectrum of testing requirements within the juvenile products industry, with testing services available so that manufacturers, retailers and importers can meet the quality standards required for trade within the EU. The new SGS laboratory will be able to test high chairs, beds, cradles, playpens and changing tables as per the standards set by EN 14988, EN 716, EN