8. Security

8.1. Technology Previews

OpenSCAP
OpenSCAP is a set of open source libraries that support the Security Content Automation Protocol (SCAP) standards from the National Institute of Standards and Technology (NIST). OpenSCAP supports the SCAP components:
  • Common Vulnerabilities and Exposures (CVE)
  • Common Platform Enumeration (CPE)
  • Common Configuration Enumeration (CCE)
  • Common Vulnerability Scoring System (CVSS)
  • Open Vulnerability and Assessment Language (OVAL)
  • Extensible Configuration Checklist Description Format (XCCDF)
Additionally, the openSCAP package includes an application to generate SCAP reports about system configuration. This package is considered a Technology Preview in Red Hat Enterprise Linux 6.
TPM
TPM hardware can create, store and use RSA keys securely (without ever being exposed in memory), verify a platform's software state using cryptographic hashes and more. The user space libraries, trousers and tpm-tools are considered a Technology Preview in this Red Hat Enterprise Linux 6.