Validated Product List
Apple Computer Mac OS X v10.3.6 and Apple Computer Mac OS X Server v10.3.6,
Product Name: Apple Computer Mac OS X v10.3.6 and Apple Computer Mac OS X Server v10.3.6, both with Common Criteria Tools Package
Product Type: Operating System
Date: 23 November 2004
Conformance Claim: EAL 3, CAPP, version 1.d, October 8, 1999
PP Identifier: none
Key Words: None
Vendor: Apple Computer, Inc.
POC: Ron Dumont
CC Testing Lab: : Science Applications International Corporation
The TOE, Apple Mac OS X v10.3.6 and Apple Mac OS X Server v10.3.6, is a networked, general-purpose, fully-functioning Unix operating system, based on the Mach kernel and FreeBSD, which abstracts the complexity of Unix and provides a graphical user interface. Mac OS X and Mac OS X Server enforce the same security functions - the only differences lie in the area of performance.
The following hardware platforms are included in the evaluated configuration:
SECURITY EVALUATION SUMMARY
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Apple Computer Mac OS X v10.3.6 and Mac OS X Server v10.3.6 TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1 and International Interpretations effective on 27 June 2002. The evaluation methodology used by the Evaluation Team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is the EAL3 family of assurance requirements. The product, when configured as specified in "Common Criteria Configuration and Administration Guide - Setting up and administering the Common Criteria configuration using Mac OS X or Mac OS X Server", dated 17 December 2004, satisfies all of the security functional requirements stated in the Apple Computer Mac OS X v10.3.6 and Mac OS X Server v10.3.6 Security Target. One validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in December 2004. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report, (report number CCEVS-VR-05-0086) prepared by CCEVS.
Apple Mac OS X v10.3.6 and Mac OS X Server v10.3.6, includes the Mac OS X operating system, supporting hardware and those applications necessary to manage, support and configure the operating system. Apple Mac OS X v10.3.6 and Mac OS X Server v10.3.6 provides a moderate level of independently assured security in a conventional TOE and is suitable for a cooperative non-hostile environment.
Mac OS X provides an advanced memory protection and management system. Mac OS X ensures reliability by protecting applications with a robust architecture that allocates a unique address space for each application or process. The Mach kernel augments standard virtual memory semantics with the abstraction of memory objects. This enables Mac OS X to manage separate application environments simultaneously.
While Mac OS X offers support for multiple file systems, only the HFS+ filesystem is supported in the evaluated configuration. Mac OS X also supplies the following advanced functionality:
While Mac OS X supports a wide range of protocols and network services, only TCP/IP and the NFS (Network Filesystem), DNS (Domain Name Service), and SSH (Secure Shell) services are supported in the evaluated configuration.
Apple Mac OS X v10.3.6 and Mac OS X Server v10.3.6 supports the following five security functions: