atsec information security Evaluates IBM PR/SM LPAR for z9-109 at EAL5
2006-04-18atsec information security is pleased to announce completion of a Common Criteria evaluation of IBM Processor Resource/System Manager (PR/SM) LPAR for IBM z9-109 at evaluation assurance level (EAL) 5. IBM PR/SM was certified by Germany’s Federal Office for Information Security (BSI). IBM PR/SM was scrutinized on the IBM z9-109 server platform, IBM’s latest mainframe platform for on demand enterprise computing. IBM sponsored the evaluation effort.
PR/SM is a cornerstone of IBM's mainframe security. PR/SM’s logical partitioning facility enables the resources of a single physical zSeries machine to be divided and shared by distinct logical machines, each capable of running z/VM, z/OS or Linux. All of these operating systems have been evaluated under the Common Criteria by atsec at different assurance levels. The system administrator can configure the distinct logical machines to ensure complete isolation from one another; one logical machine cannot gain knowledge about any other logical machine’s available I/O resources or performed operations. This assurance enables PR/SM to meet stringent requirements for confidentiality of processed information including requirements mandated by the federal government and the banking industry.
Gerald Krummeck, Common Criteria Lab Director, notes: “Clearly, this "assured security" directly benefits IBM customers who entrust their business-critical operations to these certified products, but it also indirectly impacts every individual involved in any sort of financial, medical, or other transaction processed through an IBM mainframe computer.”
The very successful partnership of atsec as evaluation lab, IBM as sponsor, and BSI as certification body has led to timely completion of three PR/SM certifications since May 2004, in part because the product knowledge gained by BSI during its initial scrutiny of the product could be carried forward to later evaluations. This experience has also led to the EAL5 evaluation methodology documents provided by BSI (AIS34), which form a sound basis for such high-assurance evaluations. The almost continuous process of re-evaluation of PR/SM has successfully ensured that customers are provided with timely assurance of the PR/SM security features.
EAL5 certification includes recognition by member countries of the Common Criteria Recognition Arrangement (CCRA) at the EAL4 level.
The PR/SM for IBM z9-109 evaluation is the latest in a series of successful projects by atsec to certify complex systems at ambitious assurance levels. From early in its history as a Common Criteria evaluation lab, atsec has led the way in operating system evaluations under both the German BSI and U.S. CCEVS Schemes. atsec’s record of evaluation at this level since 2002 includes evaluations of IBM AIX 5.2; six Linux versions on five different platform architectures; two IBM z/OS versions, as well as the zSeries-based z/VM and PR/SM virtual machine and logical partitioning products. Of the 44 successful operating system evaluations performed world-wide as listed on the official Common Criteria Portal web site (www.commoncriteriaportal.org), 24 were performed by atsec, and that record does not include an ambitious evaluation that is currently in the validation phase: AIX 5.2 Labeled Security Protection Profile (LSPP)/EAL4+.
The IBM PR/SM LPAR for z9-109 certificate can be found here.
About atsec information security
atsec information security is an independent, standards-based IT (information technology) security consulting and evaluation services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec launched its U.S. business in May 2003, building on extensive success in Europe dating back to 2000. atsec leverages its deep security, process, and standards expertise to consult on a wide range of IT security needs, enabling clients to establish integrated security management procedures in order to manage security risk and improve data, product, and business process reliability. atsec works with leading global companies such as IBM, HP, BMW, SGI, Swisscom, RWE, and Vodafone.
