Tresys Technology | Solution Brief

Solution Brief

Tresys provides a secure Linux

platform for building systems which

require certification and/or

accreditation.

Customer Profile
This U.S. Government agency provides Security Enhanced Linux (SELinux) solutions that enable defensive information operations. This includes securing information infrastructures critical to U.S. national security interests. To support these requirements this agency is responsible for the design, development, and deployment of tamper-proof, highly-secured systems.These systems must pass stringent USG evaluation and accreditation guidelines before deployment.

Business Challenge
The process and associated documentation for the development, certification and accreditation (C&A) of systems is a complex and expensive endeavor. Additionally, each new system or implementation requires application of the entire C&A process again.. Vendors regularly spend millions of dollars to attain differing levels of evaluation. Expediting the process would save time and money for this agency and the associated vendors.

Tresys Solution
Two of the major evaluation criterions are the Director of Central Intelligence Directive (DCID) 6/3 and the National Institute of Standards and Technology (NIST) Special Publication 800-53. Tresys, in collaboration with the agency, developed the Certifiable Linux Integration Platform (CLIP) as a means to expedite the evaluation process, in particular, the two major evaluation criterionsCLIP includes a Tresys-developed secure configuration baseline of the Red Hat Operating System (OS) and the relevant documentation to support certification and accreditations. This package serves as a certified starting point OS on which vendors can build their solutions – thereby eliminating evaluation of OS requirements for each accreditation effort.

Benefit
Government and commercial entities that build information technology solutions on Linux and require accreditation of the base OS are able to achieve rapid accreditation with CLIP. Savings are realized in all phases. Development time is significantly shortened as developers do not have to repeat most of the rudimentary platform analysis and implementation for these systems. Certification time is also shortened as CLIP provides a common, vetted platform containing the required evidence necessary for certification.

About Tresys Technology
Tresys Technology is a principal open source contributor to Security Enhanced Linux (SELinux), with an emphasis on making SELinux easier to use and manage. In addition to its extensive Secure Linux technology development, services, and training experience, Tresys provides many technology solutions that allow Linux users and administrators to easily leverage the power of SELinux. Tresys also provides business and government organizations with expert security engineering services, including security testing, evaluation and certification support, cryptographic solutions, and security technology innovation.