Red Hat Linux received the security seal of approval recently when it became certified at a level that puts it on par with with Sun Microsystems' Trusted Solaris operating system, reports IDG News Service.
The EAL4 Augmented with ALC_FLR.3 certification level of certification will make the company more attractive to sensitive government agencies such as the Department of Defense and the National Security Agency.
"This is the highest level of security function that anybody has," Frye said. "We have delivered LSPP functionality in Red Hat Enterprise Linux 5 and we have certified that at the EAL4 level of assurance," said Dan Frye, vice president of open systems with IBM.
The rating is awarded by the government-funded National Information Assurance Partnership's (NIAP) Common Criteria Evaluation and Validation Scheme for IT Security program, which evaluates the security of commercial technology products.
Linux developers have been working to add these "SE Linux" access control features into the operating system for several years now. SE Linux shipped as part of Red Hat Enterprise Linux 5, and now it has been certified for government use, Frye said. "You now have a level of fine-grained control for everybody," he added. "You can set security based on groups or based on individuals."
In addition to LSPP Red Hat Linux has also been certified with Role Based Access Control Protection (RBAC), and that too is noteworthy, said Red Hat.
"Historically, OS vendors have required you buy a separate branched OS to get something that is LSPP and RBAC certified," the company said in a statement. "This is something completely unique for commercial operating systems because the support for multilevel security is native to the OS."
According to Frye, the certification is "big news for the Linux industry" because it shows that open-source software can be used for sensitive computing tasks. "If anyone had any doubts that you could do this with an open-source operating system, we've proved them wrong."