Table of Contents
Advertisement
Appendix B. Developing, Building, and Delivering a Certified
System
This appendix is intended to provide guidance in setting up, operating, and
managing a secure consolidated environment using System z9 PR/SM. It is
primarily for the security administrator, but can also be useful to other involved
operations technical support personnel.
Creating Common Criteria-Based Evaluations
In October 1998, after two years of intense negotiations, government organizations
from the United States, Canada, France, Germany, and the United Kingdom signed
a historic mutual recognition arrangement for Common Criteria-based evaluations.
This arrangement, officially known as the Arrangement of the Recognition of
Common Criteria Certificates in the field of IT Security, was a significant step
forward for government and industry in the area of IT product and protection profile
security evaluations. The partners in the arrangement share the following objectives
in the area of Common Criteria-based evaluation of IT products and protection
profiles:
v To help ensure that evaluations of IT products and protection profiles are
v To increase the availability of evaluated, security-enhanced IT products and
v To eliminate duplicate evaluations of IT products and protection profiles, and
v To continuously improve the efficiency and cost-effectiveness of security
The purpose of this arrangement is to advance those objectives by bringing about a
situation in which IT products and protection profiles which earn a Common Criteria
certificate can be procured or used without the need for them to be evaluated and
certified/validated again. It seeks to provide grounds for confidence in the reliability
of the judgement on which the original certificate was based by declaring that the
Certification/Validation Body associated with a Participant to the Arrangement shall
meet high and consistent standards. The Arrangement specifies the conditions by
which each Participant will accept or recognize the results of IT security evaluations
and the associated certifications/validations conducted by other Participants and to
provide for other related cooperative activities.
The IBM System z9 PR/SM functionality and assurances have been evaluated and
certified at an EAL5 level of assurance.
This appendix must be used in conjunction with other pertinent System z9 manuals
supplied with the System z9 to give a security administrator all the required
information to configure and operate an LPAR-mode system in a secure manner.
This appendix provides instruction on the correct use of the system so that a secure
consolidation environment is created and maintained. It defines and explains the
parameters, settings, and commands recommended by IBM, including references to
those sections in the manuals being discussed in "Trusted Facility Library" on page
B-14.
© Copyright IBM Corp. 2005, 2008
performed to high and consistent standards and are seen to contribute
significantly to confidence in the security of those products and profiles
protection profiles for national use
evaluations and the certification/validation process for IT products and protection
profiles.
B-1
Advertisement
Chapters
Table of Contents
