Shostack + Friends Blog Archive


What do Apple's Common Criteria Tools Do?

Apple has made available a set of “Common Criteria” tools. The “evaluation” page is here. The evaluation criteria is “EAL 3, CAPP, version 1.d, October 8, 1999.” (The README is a bit better.)

If anyone would care to explain to me what I’ve just said, or, really, what the tools package does, I’d be much obliged.

PS: “Disatisfied? Help us improve!”

3 comments on "What do Apple's Common Criteria Tools Do?"

  • One translation would be “a specific configuration of OS X has been successfully checked for a specific level of security under documented assumptions, with a specified level of checking”.
    What assumptions? Well, one notable assumption listed in Apple’s Admin guide is
    “• All systems with which the Common Criteria configuration communicates, and the communication paths themselves, are assumed to be under the same management as the Common Criteria configuration and abide by the same security policies.”
    In other words, the system’s assumed to be disconnected from the Internet. The configuration is specified in detail, for example in order to meet it the guide tells you
    “When you reach the Administrator Account pane, make sure the password you specify has at least five characters.”
    Has anyone seen a better explanation of Common Criteria than ?

  • As far as what the tools do…
    The whole package is a set of audit log management tools.

  • Brian says:

    It’s a compliance checker: you run their CC Tools package on a machine, and now it’ll be in something very close to the audited configuration.
    EAL3 means they went through a moderate amount of paperwork in that audit, but no code was examined. CAPP names the threat model, which is as explained above—enough for use on private or disconnected networks, the same protection profile used for Windows NT a few years back.

Comments are closed.