©January 1998, The Open Group All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of the copyright owners.

Motif,® OSF/1,® UNIX,® and the "X Device"® are registered trademarks and IT DialTone^TM; and The Open Group^TM; are trademarks of The Open Group in the U.S. and other countries.

Product Standard

NAME

Baseline Security 96

LABEL FOR LOGO

Security

DESCRIPTION

This Product Standard defines a guaranteed minimum level of security functionality that products must provide. It also defines specific default settings in cases where the requirement is to provide selectable security options. To be registered as conformant to this Product Standard a system must provide this level of security, or greater.

This Product Standard is platform-independent. Any system that meets the defined security level can be registered as conformant. Details of the actual system/operating system must be recorded in the Conformance Statement.

CONFORMANCE REQUIREMENTS

To conform to this Product Standard a product must support all the mandatory security functionality and default parameter settings defined in the X/Open XBSS Specification.¹

The vendor of a product registered as conformant to this Product Standard provides a guarantee of conformance through:

• The terms of the Trademark License Agreement, by warranting and representing that the product complies with the X/Open XBSS Specification, and that it will continue to conform, and that if any non-conformances come to light they will be corrected within the specified timeframe or the Open Brand will be lost.

• The publicly available Conformance Statement; in particular the claim documented in the Conformance Statement (and demonstrated to X/Open if/when audited) of comprehensive testing that indicates that the security functionality defined in the X/Open XBSS Specification is obtained.

The Product Identification section of the Conformance Statement must uniquely identify, in the normal way, the product that is registered as conformant to the Product Standard. However, when considering systems security, it is necessary to be more precise and identify whether the Target of Conformance (TOC) is the whole product, or whether it is a subset of the product such that usage of functionality outside the TOC could reduce the level of security of the system. (The Trusted Computing Base (TCB) is defined as the totality of protection mechanisms within an IT system, including hardware, firmware, software, and data, the combination of which is responsible for enforcing the security policy. The Target of Conformance (TOC) is the TCB together with any additional software that contains no security-relevant code. See the X/Open XBSS Specification, Section 3.4, Defining the Target of Conformance.)

The Conformance Statement must also set out the criteria that an application must meet in order to guarantee that it can be added to the TOC without compromising conformance to the X/Open XBSS Specification.

As the functionality in the X/Open XBSS Specification is defined in general terms without mandating the use of any specific application interfaces, human/computer interfaces, interchange standards, or interoperability protocols, the proforma sections that normally give the detailed requirements of these aspects are not relevant. For the same reason there are no defined Indicators of Compliance, but note that the brandee is required to have carried out comprehensive testing and to record in the Conformance Statement that this has been done.

OPERATIONAL ENVIRONMENT

Not applicable.

PORTABILITY ENVIRONMENT

Not applicable.

OVERRIDING STANDARDS

None.

INDICATORS OF COMPLIANCE

None.

MIGRATION

Not applicable.

Any comments relating to the material contained in this document may be submitted to The Open Group at:

The Open Group
Apex Plaza
Forbury Road
Reading
Berkshire, RG1 1AX
United Kingdom

OGSpecs@opengroup.org

Footnotes

1.

CAE Specification, December 1995, Baseline Security Services (XBSS) (ISBN: 1-85912-136-5, C529).