Atsec Information Security (https://www.bsi.bund.de) has announced
the successful Common Criteria Certification of Mac OS X 10.6 (“Snow
Leopard”) at EAL 3 (augmented for flaw remediation) with the
Controlled Access Protection Profile [CAPP]. This certification
includes both Mac OS X and Mac OS X Server.
The certification of Mac OS X through the German BSI national scheme
adds another operating system to atsec’s portfolio of over 60 OS
evaluations. Atsec has been involved with evaluating operating
systems under Common Criteria for nearly a decade and our staff has
had experience with ITSEC and Common Criteria since the 1980’s.
The evaluation consisted of the operation of Mac OS X in a networked
environment with other instances of Mac OS X, as well as other
well-behaved network systems and operating systems administered by
the same management domain. All of the systems connected to the
network were configured according to a defined common security policy.
The main security functions of the evaluated configuration are as
follows: audit, user data protection, identification and
authentication; residual data protection; secure communication;
security management; and TOE self protection. The evaluation
technical report and the certificate will be available from the BSI
web site and also on the Common Criteria portal.