Printer Friendly

IEEE Works on Secure OS Standards.

The Institute of Electrical and Electronic Engineers has started work on a standard for securing operating systems, as a recognition that software security is "limited by the operating systems that underpin them", the organization said yesterday.

The P2200 Base Operating System Security working group will look at creating "baseline consistent security requirements" for commercial off-the-shelf operating systems, using the Common Criteria standards as a starting point.

Common Criteria is a set of International Standards Organization "profiles" used to determine whether a security product meets certain basic requirements. In the US, CC is administered by the National Institute of Standards and Technology.

But the IEEE said that using the CC framework is optional, and that the final standard will not necessarily look like CC. Varying standards will likely be created for different types of operating systems.

The organization said that BOSS will address identification, authentication, access control and cryptographic concepts. Currently the plan is to have something completed before the end of next year.

Jack Cole, chair of the working group, said that input is being encouraged from OS developers, government, and end users in the financial and process control industries - critical infrastructure managers and the likely early adopters of such technology

"We must have as much buy-in as possible, so the standard is widely used and supported by both producers and users," Cole said in a statement.

Group vice chair Gary Stoneburner added: "It also will take advantage of the ISO Common Criteria framework as a tool, not a requirement." and that the effort helps "by moving OS security standards from government edict to community consensus."
COPYRIGHT 2003 Datamonitor
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2003 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Institute of Electrical and Electronic Engineers
Publication:Computergram International
Article Type:Brief Article
Date:Sep 12, 2003
Previous Article:Torvalds Rejects SCO's Open Letter.
Next Article:Gartner Counts the Cost of Desktop Linux Migrations.

Related Articles
Dr. Herman P. Schwan.

Terms of use | Privacy policy | Copyright © 2021 Farlex, Inc. | Feedback | For webmasters |