The Oracle Solaris OS is certified to comply with two security standards, Common Criteria and FIPS 140-2.
The Cryptographic Framework feature of Oracle Solaris is validated at FIPS 140-2, Level 1 for userland and kernel functions in the Oracle Solaris 11.3 SRU 5.6 release. The OpenSSL module that runs on Oracle Solaris 11.3 is also validated for FIPS 140-2. Any application that uses OpenSSL for its cryptography can use this validated module. For more information, see Using a FIPS 140-2 Enabled System in Oracle Solaris 11.3.
Oracle Solaris 11 is certified under the Canadian Common Criteria Scheme at Evaluation Assurance Level 4 (EAL4) and augmented by flaw remediation (EAL4+). EAL4 is the highest level of evaluation mutually recognized by 26 countries under the Common Criteria Recognition Arrangement (CCRA).
The certification is for the Operating System Protection Profile (OSPP) and includes the following extended packages:
Advanced Management
Extended Identification and Authentication
Labeled Security
Virtualization
For information about the certification, see:
The Common Criteria Recognition Arrangement (https://www.commoncriteriaportal.org/ccra/index.cfm?)