atsec information security Evaluates IBM AIX 5.3 at Common Criteria EAL4+

AUSTIN, Texas – atsec information security is pleased to announce certification of IBM AIX 5L for POWER V5.3 Version 5300-05-02 with Argus Systems Group PitBull Foundation Suite 5.0 and optional IBM Virtual IO Server (VIOS) Version 1.3 at Evaluation Assurance Level 4 augmented (EAL4+) in compliance with the Labeled Security Protection Profile (LSPP).

LSPP defines requirements for products supporting access controls that are capable of enforcing access limitations on individual users and data objects. LSPP-compliant systems support multilevel security (MLS), which enables protection of sensitive data in complex, collaborative environments. This level of trust is mandated for use by U.S. government agencies and also is valued by commercial enterprises with extremely sensitive data to manage and protect.

AIX 5300-05-02 was certified by the Bundesamt für Sicherheit in der Informationstechnik (BSI). IBM and Innovative Security Systems, Inc. dba Argus Systems Group were developers for the evaluated product. IBM sponsored the evaluation effort.

Jay Kruemcke, AIX 5L Program Director at IBM, commented on IBM’s commitment to providing Common Criteria certified products, highlighting atsec’s contribution in the successful effort to achieve this goal: “IBM is committed to providing a secure, efficient and high performance computing infrastructure with AIX 5L running on System p servers. Security certifications are an important way for our clients to validate the security of AIX 5L. Our clients have benefited from the expertise atsec has provided to IBM to get AIX 5L through the security certification process.”

atsec previously evaluated AIX 5L Version 5200-05 and PitBull 5.0 as compliant with LSPP in May 2006. In fact, atsec information security is the world leader in Common Criteria evaluation of operating systems, which is the greatest test of competence in the field. Helmut Kurth, atsec Chief Scientist, notes: “Of all the successful operating system evaluations performed worldwide as listed on the official Common Criteria Portal web site (www.commoncriteriaportal.org), nearly half were performed by atsec.”

# # #

About atsec information security
atsec information security is an independent, standards-based IT (information technology) security consulting and evaluation services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich (Germany) in January 2000 and has extensive international operations with offices in the U.S., Sweden, the U.K., and China. atsec leverages its deep security, process, and standards expertise to consult on a wide range of IT security needs, enabling clients to establish integrated security management procedures in order to manage security risk and improve data, product, and business process reliability. atsec works with leading global companies such as IBM, HP, Oracle, Cray, BMW, SGI, Vodafone, Swisscom, RWE, and Wincor-Nixdorf.

Media Contact:
Andreas Fabis, fabis@atsec.com
Marketing Director
atsec information security
(512) 615-7317