C2 for Linux? 4
Signal 11 asks: "I've been doing some research on government security certifications for Linux, specifically the C2 classification put out by the NSA. The results are that there is only one project underway - SGI Linux is apparently a low profile project underway at SGI (sorry for breaking it wide open guys) to get C2 for Linux. They won't begin testing though until 2001. Given that there is virtually no information about this project, however, I rather wonder whether SGI is still pursuing it. My question is: what's being done for C2 or higher classification of Linux right now?"
it's a long way ... (Score:1)
Don't expect the C2 for kernel 2.2 before the release of kernel 2.8 .
And even then, it will be a special kernel with a special distro - and
til these modifications go into mainstream we will have kernel 3.0 or 3.2.
Expect 3.2 to arrive at 2008 (assuming they don't any version-jumping).
Flask security kernel and Trusted IRIX (Score:2)
Almost jumped out of my skin when I saw http://oss.sgi.com/projects/ob1/, the components that make Trusted IRIX/B "trusted". That may be what SGI is adapting to Linux.
InterSect Alliance (Australia) working on Linux/C2 (Score:2)
The InterSect Alliance Development Target beginning 2nd Quarter 2000 has been identified as investigating the integration of a government strength C2 security audit module for the Linux operating system.
One of the factors that has been identified as hindering the migration of open-source operating systems into the government market is the lack of core integrated security services.
InterSect Alliance intends to provide resources towards the investigation into introducing kernel and module level extensions to the Linux operating system in order to facilitate C2 level auditing capabilities.
NT and C2 (Score:2)