Upload
others
View
26
Download
1
Embed Size (px)
Citation preview
SUSE® Linux Enterprise 12 Security CertificationsCommon Criteria, FIPS, PCI DSS, DISA STIG, ... What's All This About?
Thomas BiegeTeam Lead Maintenance/Security
2
3
Evaluation – Validation – Certification
Certification
Evaluation
Examine claims made about a target. “Claims” do not need to be based on standards.
Compare behavior of the software / module against an existing standard or expected behavior.
Validation
Security Certifications that matter
5
Common Criteria
• ISO/IEC 15408 (ITSEC, CTCPEC, TCSEC)
• Accepted by 26 countries
• Tested and verified by independent 3rd party (the
evaluator), at different Evaluation Assurance Levels
• Certificate created by government agency
• Includes development processes, IT infrastructure,
physical security, and HR procedures
“How can I be sure to get the security functionsI need?”
6
FIPS 140-2
• Federal Information Processing Standard (FIPS)
‒ FISMA, NIST SP 800, FedGov, financial industry
‒ Certificate is issued by NIST (US) and CSE (Canada)
• FIPS 140-2 ensures that
‒ Crypto algorithms/modes follow the newest standard
‒ No obvious crypto weakness exists
‒ No outdated algorithms or too short keys are used
‒ Self tests and integrity checks with each invocation of CM
“How can I be sure my ciphers are correctand up-to-date?”
7
DISA STIG
• DISA = Defense Information Systems Agency
• STIG = Security Technical Implementation Guides
• Secure configuration guides for military field users
• Mandatory requirement
• US DoD customers through DISA
“How can I lockdown my system tomake it less vulnerable?”
8
PCI DSS (Payment Card Industry)
• Conformance Certification for a customers
environment
• Covers more than the Operating System
→ an Operating System cannot be PCI DSS “certified”
• SUSE Linux Enterprise Server can be configured and
deployed to fulfill PCI DSS requirements
9
BSI IT Grundschutz (IT baseline protection)
• ISO/IEC 27001
• Information Security Management System (ISMS)
• Business Continuity Management (BCM)
• Certification of customers' environment
• Covers more than the Operating System
→ an Operating System cannot be ITGS “certified”
• Requires Common Criteria for higher security levels
• SLES can be configured to comply with required
measurements
SUSE Linux Enterprise 12Security Certifications Summary
11
Common Criteria Certification
• Certification Body:
• Evaluation Lab:
• Target of Evaluation (TOE): SLES12
• Protection Profile: OSPP 2.0 (including advanced
management, advanced audit, and virtualization)
• With augmentation for Flaw Remediation (FLR)
• EAL4, with mutual recognition!
12
Common Criteria Certification
• Architectures‒ x86-64 (Intel and AMD)‒ s390x
• Virtualization with KVM
• First time SELinux is used to separate VMs
• With btrfs and full system rollback...
• … or with full disk encryption
• Audit, IPSec, SSH, ...
• Installation via a special ISO (also contains FIPS
modules)
13
FIPS 140-2
Architectures‒ x86-64‒ other architectures might follow
Modules1. Kernel2. OpenSSL3. libgcrypt4. OpenSSH Client5. OpenSSH Server6. NSS (Level 2, depends on CC)7. StrongSWAN (IPSec)8. (Disk encryption)
14
FIPS 140-2 Status according to NIST
Module Name Vendor Name IUT In Review Coordination Finalization
SUSE Mozilla-NSS SUSE LLC
SUSE LLC
SUSE LLC Certificate received (#2464)
SUSE LLC
SUSE LLC
SUSE LLC
SUSE LLC Certificate received (#2435)
Review Pending
SUSE Linux Enterprise Server 12 - StrongSwan Cryptographic Module
SUSE Linux Enterprise Server 12 libgcrypt Cryptographic Module
SUSE Linux Enterprise Server 12 - OpenSSH Server Module
SUSE Linux Enterprise Server 12 - OpenSSH Client Module
SUSE Linux Enterprise Server 12 - Kernel Crypto API Cryptographic Module version 1.0
SUSE Linux Enterprise Server 12 OpenSSL Module
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140InProcess.pdf (2015-10-30)
15
Dependencies of FIPS CSMs
openssllibgcrypt NSS
CC EAL4+
kernelCrypto
API
FIPS 140-2 Level 2 requires an OS with CC EAL2, at least
opensshserver
opensshclient
strongswan
IKE v1/v2
EDC
dm_cryptcryptsetup PBKDF
PBKDFcryptoalgos
initializeIPSec
initialize block ciphers
in SUSE Linux Enterprise 12
16
DISA STIG
• SUSE is currently developing STIGs based on:
‒ General Purpose Operating System SRG
‒ Web Server SRG
‒ Project officially started with US Gov in June 2015
• Further development may cover:
‒ matching SCAP / OVAL content for automation
‒ cooperation with technology partners and community
‒ further roles / SRGs based on demand
17
PCI DSS (Payment Card Industry)
• Covers more than the Operating System→ an Operating System cannot be PCI DSS “certified”
• SUSE Linux Enterprise Server can be configured and deployed to fulfill PCI DSS requirements
• We provide consulting
• NEW: How-to guide for SLES12 is in preparation
18
Dependencies of Certifications
Common Criteria
(Security)
FIPS 140-2
(Crypto)
ARCH¹RNG²
STIG DISA
US-Mil
PCI DSS
Finance
BSI ITGrundschutz
DE-Gov
¹ ARCH = Security Architecture Document² RNG = Random Number Generator
19
When will certifications be available?
• FIPS 140-2‒ openssl Cert#2435 received this August‒ libgcrypt Cert#2464 received this October‒ waiting on CMVP only now
• Common Criteria‒ Q1 2016 (est.)
• DISA STIG‒ Q1 CY 2016 (est.)
• PCI DSS Guide‒ H1 CY 2016 (est.)
20
21
Thank you.
22
Your Questions!
Corporate HeadquartersMaxfeldstrasse 590409 NurembergGermany
+49 911 740 53 0 (Worldwide)www.suse.com
Join us on:www.opensuse.org
23
Unpublished Work of SUSE LLC. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary and trade secret information of SUSE LLC. Access to this work is restricted to SUSE employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of SUSE. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. SUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for SUSE products remains at the sole discretion of SUSE. Further, SUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All SUSE marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.