[AIX Solaris HP-UX Linux Windows][z/OS]

Common Criteria (EAL4) support

The National Institute of Standards and Technology (NIST) has developed Common Criteria to ensure you have a safe option for downloading software to use on your systems. Information held by IT products or systems is a critical resource that enables organizations to succeed in their mission. Additionally, individuals have a reasonable expectation that their personal information contained in IT products or systems remain private, be available to them as needed, and not be subject to unauthorized modification. IT products or systems should perform their functions while exercising proper control of the information to ensure it is protected against hazards such as unwanted or unwarranted dissemination, alteration, or loss. The term IT security is used to cover prevention and mitigation of these and similar hazards.

WebSphere® Application Server Version 6.1 was certified at the Common Criteria EAL4 level, the highest level of any commercially available application server. WebSphere Application Server Version 7 was designed to meet or exceed the security capabilities of WebSphere Application Server Version 6.1, including the EAL4 requirements. The US CCEVS is no longer certifying software products as Common Criteria EAL compliant because they are moving to a new security standard referred to as Protection Profiles. The Protection Profiles requirements for middleware software have not yet been closed. When the Protection Profiles do close, it is our intent to see WebSphere Application Server Version 8 certified at the appropriate Protection Profiles level.

Reference topic    

Terms and conditions for information centers | Feedback

Last updated: April 20, 2014 08:46 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-nd-mp&topic=rovrcommoncriteria
File name: rovr_commoncriteria.html