IBM earns Linux certification

The door just got a little bit wider for Linux to be used by government agencies for mission-critical systems now that IBM Corp. has earned security certification for the open-source operating system.

IBM and SuSE Inc. Linux have achieved Common Criteria security certification for SuSE Linux Enterprise Server 8 running on IBM eServer xSeries. The Common Criteria are internationally recognized standards used by the federal government and other organizations to assess the security of technology products.

"Definitely one of the obstacles that blocked lots of government folks from using Linux" has been removed, said John Pescatore, a vice president at Gartner Inc. Now Linux will be used more often for vital systems, he said.

The current level of security in Linux has been sufficient for IBM's 150 government users that have deployed the open-source operating system, said Scott Handy, director of Linux software solutions for IBM. Many of those customers use Linux as an alternative to Microsoft Corp's. Windows operating system to run general-purpose office applications. But some have more stringent security requirements, which IBM can now meet by earning Evaluation Assurance Level 2 (EAL2) certification, Handy noted.

The certification is a milestone because "many thought open-source [software] could not pass the [rigorous testing] of the Common Criteria," Handy said.

IBM and SuSE have applied for a higher level of security certification for Linux, the Controlled Access Protection Profile with EAL3 that will be available for IBM eServers. By year's end, the companies also expect to meet the Defense Department's Common Operating Environment, a set of military requirements for technology products.

Featured

  • Cybersecurity
    malware detection (Alexander Yakimov/Shutterstock.com)

    Microsoft targets copycat influence websites

    Microsoft went to court to take down websites it believes to be part of a foreign intelligence operation targeting conservative think tanks and the U.S. Senate.

  • Cybersecurity
    secure network

    FAA explores shifting its network to FISMA high

    The Federal Aviation Administration is exploring an upgrade to the information security categorization of IT systems as part of air traffic control modernization.

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.