IBM, Oracle sponsor Linux security certifications

Linux may get the security credentials it needs for use in sensitive government jobs, thanks to IBM Corp. and Oracle Corp.

Each company announced this week that it will independently sponsor a Common Criteria evaluation of a version of the open source operating system.

Industry observers have long speculated that Linux would not be sponsored for Common Criteria evaluation due to the costs involved - usually ranging from $500,000 to $1 million, according to Oracle, Redwood Shores, Calif. - and the fact that no competitive advantage would ensue from sponsorship because open source licensing allows for free distribution. However, both companies are sponsoring evaluations to further use of their own hardware and software within government.

In addition, Red Hat Inc., Raleigh, N.C., announced this week that its version of Linux for servers won Defense Information Systems Agency's Common Operating Environment certification.

The National Information Assurance Partnership, a joint office of the National Institute of Standards and Technology and the National Security Agency, administers Common Criteria.

Last October, the Windows 2000 operating system from Redmond, Wash.'s Microsoft Corp. won Common Criteria certification from Science Applications International Corp., San Diego, which performed the third party testing. Oracle's evaluation will be handled by London IT services provider LogicaCMG Plc. IBM did not disclose its evaluator.

Oracle is also submitting a package of its Oracle9i Database Release 2 on top of a Linux operating system for review as well.

"Increasingly Oracle's security-conscious customers are interested in deploying Linux," said Mary Ann Davidson, chief security officer at Oracle.

IBM's sponsorship, which is independent of Oracle's, will submit a version of Linux used in its own eServer platforms.

"This investment represents the next step in IBM's ongoing commitment to accelerate the development of Linux as a secure, industrial strength operating system," said Jim Stallings, an IBM general manager of Linux solutions.

Red Hat announced that a configuration of its Red Hat Linux Advanced Server running on IBM's eServer won the Defense Information Systems Agency's Common Operating Environment, or COE, certification. COE certification is used by the Department of Defense Joint Technical Architecture to validate software for use in Defense Department command and control, computers, communications and intelligence systems.

"The COE certification of Red Hat Linux Advanced Server opens low-cost computing solution avenues to federal agencies for new open source server deployments," Stallings said.

(Updated Feb. 13, 2003, 3:57 p.m.)

About the Author

Joab Jackson is the senior technology editor for Government Computer News.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

I agree to this site's Privacy Policy.