The first evaluation of z/OS, at V1R6, was performed in 2005 at EAL3, followed by a re- evaluation of V1R7 in 2006 at EAL4 with added security features. The current re- evaluation of IBM z/OS V1R8 at EAL4+ addressed significantly enhanced security functions and provides assurance of the product in a format that is typically installed and operated. The Security Target specifying the target of evaluation is publicly available at Atsec’s Common Criteria evaluations page. Some noteable features of the evaluation include:

- z System servers with all optional crypto boards

- Additional authentication mechanisms: X.509 certificates, Kerberos tickets, IBM PassTickets, and authentication based on LDAP DNS in addition to the traditional password mechanism

- Secure communications: in addition to SSL/TLS and IPSec, OpenSSH and Kerberos are available

- Full IBM Tivoli Directory Server with LDBM and SDBM back ends; LDBM provides a “traditional” LDAP database with access control known from other evaluated ITDS products, while SDBM provides access to RACF user management via LDAP interfaces

- Augmentation to ALC_FLR.3, the highest achievable assurance component for maintenance

There are only a small number of evaluation facilities with the experience and confidence needed to take on a task of this magnitude. Among that small set of evaluation laboratories, Atsec information security is the world’s leading evaluator of large, complex operating systems.

Jim Porell, IBM Distinguished Engineer and Chief Architect for System z Software, commented: “The Common Criteria Evaluation of z/OS 1.8 was a complex effort requiring cooperation between IBM and Atsec. Our goal, at IBM, has been to deliver an operating system that can provide valuable server functionality and security capabilities to meet our customers' business needs. The Common Criteria provides a good definition of the development processes and protection profiles that can be deployed to satisfy those business needs. We are pleased with the results of this evaluation and our working relationship with Atsec.”

Marvin Schaefer, Former Chief Scientist at the National Computer Security Center at the NSA, adds: "IBM's z/OS Version 1 Release 8 operating system evolved from what was, in the late 1970s, the powerful, but complex, MVS operating system. At that time, its access control mechanisms were quite weak and easily defeated. Even with the integration of RACF, the system was not only subject to compromise, but because of the complexity of its structure and implementation, it was extremely difficult and time-consuming to evaluate its security policy and mechanisms against the criteria of the US Department of Defense Trusted Computer System Evaluation Criteria (the Orange Book). Its initial evaluation by the National Computer Security Center (NCSC) took years, and was only partially successful. As a consequence, IBM made a considerable investment in restructuring MVS/RACF and integrating it with supportive hardware security mechanisms -- and more importantly, with a security policy-driven discipline of design, documentation and programming. The resulting system, z/OS, is considerably richer and more complex than its antecedent MVS. Because system security became a central design principle, and because the development effort was closely coordinated with the independent team of evaluators, the formidable task of identifying and analyzing z/OS's large set of interfaces and its management of privilege became tractable. Through close and co-operative work with its evaluators, z/OS's interfaces and management of privilege have been documented such as to permit a full and rigorous assessment to be completed in a little more than a year. Further, over the last quarter century I have collaborated with senior IBM and Atsec staff and know that this evaluation was anything but superficial, thanks to the Atsec evaluation team's mature knowledge of security principles as well as their corpus of techniques for identifying and exploiting security vulnerabilities. I have full confidence that z/OS and its completed evaluation represent an exceptional technological achievement."

Operating system evaluation is the greatest test of competence in the field, and from early on in its history as a Common Criteria evaluation laboratory, Atsec has led the way in operating system evaluations under both the German BSI and U.S. CCEVS Schemes. Atsec’s record of evaluation at this level includes evaluations of IBM AIX 5.3 (CAPP and LSPP); twelve Linux versions on five different platforms; IBM z/OS V1R7 at the EAL4+ level, as well as the zSeries-based z/VM and PR/SM virtual machine and logical partitioning products. Atsec has already completed two EAL5 evaluations of IBM PR/SM products.