AIX has received the following certifications
LSPP, RBACPP, CAPP/EAL4+ for AIX 6100-00-02 with Workload Partitions and the Virtual I/O Server
IBM AIX Version 6.1 at Technology Level 6100-00-02 has been certified to meet the requirements of the Common Access Protection Profile (CAPP), the Labeled Security Protection Profile (LSPP) and the Role Based Access Control Protection Profile (RBACPP) for the Common Criteria for Information Security Evaluation (CC) at Evaluation Assurance Level 4+. The certificate was issued by the Bundesamt für Sicherheit in der Informationstechnik (BSI). The AIX 6 Workload Partitions (WPAR) and the Virtual I/O Server Version 1.5 component of the PowerVM feature of Power Systems were included in the evaluation. The certification id is BSI-DSZ-CC-0461-2008.
CAPP/EAL4+ for AIX 5L 5300-05-02 with Virtual I/O Server
IBM AIX 5L for POWER V5.3 Technology Level 5300-05-02 along with the Virtual I/O Server Version 1.3 has been certified to meet the requirements of the Controlled Access Protection Profile (CAPP) for The Common Criteria for Information Security Evaluation (CC) at Evaluation Assurance Level 4+. The certification was issued by the Bundesamt für Sicherheit in der Informationstechnik (BSI). The Virtual I/O Server component of the Advanced POWER Virtualization feature of System p was included in the evaluation. The certification id is BSI-DSZ-CC-0385-2006.
LSPP/EAL4+ for AIX 5L 5300-05 with Pitbull Foundation Version 5.0
AIX 5L for POWER V5.3 Technology Level 5300-05-02 with PitBull Foundation Suite 5.0 and optional IBM Virtual I/O Server (VIOS) Version 1.3 has been certified to meet the requirements of the Labeled Security Protection Profile (LSPP) for The Common Criteria for Information Security Evaluation (CC) at Evaluation Assurance Level 4+. The certification was issued by the Bundesamt für Sicherheit in der Informationstechnik (BSI). The certificate id number is BSI-DSZ-CC-0396-2007.
LSPP/EAL4+ for AIX 5L 5200-06 with Pitbull Foundation Version 5.0
Bundesamt für Sicherheit in der Informationstechnik (BSI) Security Certification for PitBull Foundation Version 5.0 for AIX 5L for POWER Version 5200-05. This certification verifies that PitBull Foundation Version 5.0 for AIX 5L for POWER Version 5200-05 has been developed to meet the requirements of the Labeled Security Protection Profile (LSPP) and to meet the assurance requirements of Evaluation Assurance Level 4 augmented (EAL4+). The certificate number is BSI-DSZ-CC-0303-2006.
CAPP/EAL4+ for AIX 5L 5200-06
Bundesamt für Sicherheit in der Informationstechnik (BSI) Security Certification for AIX 5L for POWER Version 5200-06. This certification verifies that AIX 5L for POWER Version 5200-06 has been developed to meet the requirements of the Controlled Access Protection Profile (CAPP) and to meet the assurance requirements of Evaluation Assurance Level 4 augmented (EAL4+). The certificate number is BSI-DSZ-CC-0302-2005.
EAL4+
CAPP/EAL4+ for AIX 5L 5200-01
This certification verifies that AIX 5L for Power V5.2 has been developed to meet the requirements of the Controlled Access Protection Profile (CAPP) and to meet the assurance requirements of Evaluation Assurance Level 4 augmented (EAL4+). The assurance level is augmented by Basic Flaw Remediation. This evaluation level is achieved through a rigorous inspection of the AIX source code and testing by an independent auditing organization and certified by the German government authority, BSI.
Common Criteria, Part 2 & EAL4+
Bundesamt für Sicherheit in der Informationstechnik (BSI) Security Certification for IBM LPAR for POWER4 for the IBM pSeries p630, p650 and p690.
This certification verifies that the logical partitioning architecture (LPAR) for POWER4 for the IBM pSeries systems p630, p650 and p690 has been evaluated at an independent, accredited and licensed evaluation facility using the Common Methodology of IT Security Evaluation. This certification further verifies that the IBM LPAR for POWER4 for the IBM pSeries functionality is Common Criteria Part 2 conformant and meets the assurance requirements of Evaluation Assurance Level 4 augmented (EAL4+). The assurance level is augmented by Basic Flaw Remediation. This evaluation level was achieved through rigorous inspection and testing of the firmware by the independent evaluation facility and certified by the German government authority, BSI.
ISO 9001
Bureau Veritas Quality International (BVQI) ISO 9001 Certification
ISO 9001 is a set of guidelines and standards primarily concerned with quality management. Quality management means what an organization does to ensure that its products (or services) conform to the customer's requirements. When an organization has a management system certified to an ISO 9001 standard, this means that an independent auditor has checked that the processes influencing quality conform to the standard's requirements.
ICSA Interoperability
International Computer Security Association (ICSA) Virtual Private Network (VPN) Certification
This certification involved rigorous testing to verify that AIX's VPN capabilities meet tough ICSA security standards. The AIX operating system is an element of IBM's eNetwork Virtual Private Networks solutions that help provide safe, flexible and low-cost end-to-end-encrypted connections across the Internet and other public networks that otherwise would be vulnerable to hackers.
C2
Trusted Computer Systems Evaluation Criteria (TCSEC) C2 Level of Evaluation Certification
The assessment for the C2 level of security classification, issued by the United States National Security Agency, is performed under rigorous standards in accordance with the Trusted Computer Systems Evaluation Criteria (TCSEC). A system that has been rated C2 enforces a discretionary access control policy to protect information and allows users to share information under their control with other specified users. It enforces accountability and controls access to the system by identifying and authenticating users, prevents access to residual information from a previous user's actions, and provides capability for auditing security related events.
UNIX 98
UNIX 98 Product Standard Brand Certification
UNIX 98 is a result of collaboration between vendors and users to increase the compatibility of the UNIX operating system and to incorporate the state-of-the-art Internet capabilities historically associated with the UNIX system. The additional standardization provided by UNIX 98 will help user organizations protect the vast investments they have made in existing systems. It will also assist in the provision of a stable and predictable foundation for tomorrow's Internet-based systems. IBM's AIX 4.3.1 operating system is the first 64-bit OS to be branded UNIX 98.