Common Criteria Certification Is Uncommonly Secure
Everyone knows Linux is secure. But there’s secure, and then there’s really secure.
This is the world of the Common Criteria certification, a world where governments, financial institutions and military organizations need security that rivals Fort Knox. To say that Common Criteria Certificates are the gold standard in security is a bit of an understatement. Think diamond, with a side order of gold.
So it’s little wonder that we’re tickled green today that SUSE Linux Enterprise Server 11 SP2, including KVM virtualization, and SUSE Linux Enterprise Server for System z 11 SP2 each received Common Criteria Certificates at Evaluation Assurance Level EAL4, augmented by ALC_FLR.3 (EAL4+).
To receive these certificates, which were delivered to President and General Manager Nils Brauckmann today at the CeBIT trade show in Hannover, SUSE’s products and processes for developing and maintaining its products passed a rigorous security evaluation performed by atsec information security.
In the United States, Common Criteria status is awarded by a joint public-private partnership known as the NIAP Common Criteria Evaluation and Validation Scheme for IT Security. SUSE’s certificates were issued by Bundesamt für Sicherheit in der Informationstechnik (BSI) – the German Federal Office for IT Security.
Common Criteria certificates are recognized by 26 countries that have signed the Common Criteria Recognition Arrangement, so now commercial and government agencies with environments that demand proven security assurance can trust SUSE Linux Enterprise Server to handle sensitive information affordably with an internationally agreed-upon and widely adopted standard for security evaluation… no matter where in the world those operations take place.
As companies and governments explore the cloud, it’s well worth considering how secure an operating system. Hackers abound these days, and the last thing you want to do is worry about the safety of the OS. Today’s announcement emphasizes that with SUSE, you don’t have to.