IBM 10 SP1 EAL4 User Manual
1 Introduction
This document describes the High Level Design (HLD) for the SUSE® Linux® Enterprise Server 10 Service
Pack 1 operating system. For ease of reading, this document uses the phrase SUSE Linux Enterprise Server and
the abbreviation SLES as a synonym for SUSE Linux Enterprise Server 10 SP1.
This document summarizes the design and Target of Evaluation Security Functions (TSF) of the SUSE Linux
Enterprise Server (SLES) operating system. Used within the Common Criteria evaluation of SUSE Linux
Enterprise Server at Evaluation Assurance Level (EAL) 4, it describes the security functions defined in the
Common Criteria Security Target document.
Pack 1 operating system. For ease of reading, this document uses the phrase SUSE Linux Enterprise Server and
the abbreviation SLES as a synonym for SUSE Linux Enterprise Server 10 SP1.
This document summarizes the design and Target of Evaluation Security Functions (TSF) of the SUSE Linux
Enterprise Server (SLES) operating system. Used within the Common Criteria evaluation of SUSE Linux
Enterprise Server at Evaluation Assurance Level (EAL) 4, it describes the security functions defined in the
Common Criteria Security Target document.
1.1 Purpose of this document
The SLES distribution is designed to provide a secure and reliable operating system for a variety of purposes.
This document describes the high-level design of the product and provides references to other, more detailed
design documentation that describe the structure and functions of the system. This document is consistent with
additional high-level design documents, as well as with the supporting detailed design documents for the system.
There are pointers to those documents in this document.
The SLES HLD is intended as a source of information about the architecture of the system for any evaluation
team.
This document describes the high-level design of the product and provides references to other, more detailed
design documentation that describe the structure and functions of the system. This document is consistent with
additional high-level design documents, as well as with the supporting detailed design documents for the system.
There are pointers to those documents in this document.
The SLES HLD is intended as a source of information about the architecture of the system for any evaluation
team.
1.2 Document overview
This HLD contains the following chapters:
Chapter 2 presents an overview of the IBM
Chapter 2 presents an overview of the IBM
®
eServer™ systems, including product history, system architecture,
and TSF identification.
Chapter 3 summarizes the eServer hardware subsystems, characterizes the subsystems with respect to security
relevance, and provides pointers to detailed hardware design documentation.
Chapter 4 expands on the design of the TSF software subsystems, particularly the kernel, which is identified in
Chapter 2.
Chapter 5 addresses functional topics and describes the functionality of individual subsystems, such as memory
management and process management.
Chapter 6 maps the Target of Evaluation (TOE) summary specification from the SUSE Linux Enterprise Server
Security Target to specific sections in this document.
Chapter 3 summarizes the eServer hardware subsystems, characterizes the subsystems with respect to security
relevance, and provides pointers to detailed hardware design documentation.
Chapter 4 expands on the design of the TSF software subsystems, particularly the kernel, which is identified in
Chapter 2.
Chapter 5 addresses functional topics and describes the functionality of individual subsystems, such as memory
management and process management.
Chapter 6 maps the Target of Evaluation (TOE) summary specification from the SUSE Linux Enterprise Server
Security Target to specific sections in this document.
1.3 Conventions used in this document
The following font conventions are used in this document:
Constant Width (Monospace) shows code or output from commands, and indicates source-code keywords
that appear in the code as well as file and directory names, program and command names, command-line
options.
Italic indicates URLs, book titles, and introduces new terms.
options.
Italic indicates URLs, book titles, and introduces new terms.
1.4 Terminology
For definitions of technical terms and phrases that have specific meaning for Common Criteria evaluation, please
refer to the Security Target.
refer to the Security Target.