Common Criteria EAL Certification

Registered by pjharper on 2007-12-08

The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security. Unlike standards such as FIPS 140-2, Common Criteria does not provide a list of product security requirements or features that products must contain. Instead, it describes a framework in which computer system users can specify their security requirements, vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine if they actually meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner.

I would recommend both for desktop and server in Hardy Heron and future LTS releases. Ubuntu will not be able to be installed by many Government Departments in the Industrialised world if they do not meet an EAL from Common Criteria.

http://www.redhat.com/solutions/government/commoncriteria/

http://www.novell.com/linux/security/certification.html

http://en.wikipedia.org/wiki/Common_Criteria

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
None
Direction:
Needs approval
Assignee:
None
Definition:
Discussion
Series goal:
Proposed for hardy
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.