Common Criteria Certification: Microsoft Windows Platform Products
This white paper provides an overview of the Common Criteria (CC) program, the benefits of certification, the Windows platform scenarios that have been certified, and resources available to help customers configure and administer a Microsoft Windows platform environment that is secured in accordance with the CC.
Ratified as an international standard in 1999, the Common Criteria replaced several older evaluation schemes including the US TCSEC, which specified the well-known Class C2 rating, and the European Information Technology Security Evaluation Criteria (ITSEC). The more than twenty nations that embrace the Common Criteria believe that it will improve the availability of security-enhanced IT products, help customers evaluate IT products when making software purchase decisions, and contribute to higher levels of consumer confidence in IT product security.
As of December 2005, the following Microsoft Windows platform products have achieved Common Criteria Evaluation Assurance Level (EAL) 4 + Augmented certification:
Microsoft Windows Server 2003 Standard Edition with Service Pack 1 (32-bit)
Microsoft Windows Server 2003 Enterprise Edition with Service Pack 1 (32-bit and 64-bit versions)
Microsoft Windows Server 2003 Datacenter Edition with Service Pack 1 (32-bit and 64-bit versions)
Microsoft Windows Server 2003 Certificate Server, Certificate Issuing and Management Components (CIMC) (Security Level 3 Protection Profile, Version 1.0)
Microsoft Windows XP Professional with Service Pack 2
Microsoft Windows XP Embedded with Service Pack 2
Included in This Document
What is the Common Criteria Security Evaluation Process?
What Common Criteria Means for You
Benefits of Common Criteria
Microsoft Windows Platform Product Certifications
Putting Common Criteria Certifications into Action
Microsoft Word file