Common Criteria Awards at RSA

2013-03-05

San Francisco, CA – atsec enjoyed participating in the public acknowledgement of IBM’s series of successful Common Criteria evaluations for several zEnterprise components during the 2013 RSA conference this week.

The certificates awarded highlight the commitment of IBM to demonstrate to their customers that the expected levels of security assurance needed by government agencies, the financial industry and other critical infrastructures around the world have been met.

For many years IBM has focused on having the security functionality of key elements of System z systems evaluated by third parties to meet international standards that are recognized in many countries and industries.

These components include key operating systems, virtualization technologies, security mediation applications and guest operating systems.

The certificates accepted by IBM at RSA this week include:

  • IBM z/VM Version 6 Release 1 at EAL4+
  • IBM PR/SM on IBM Systems zEC12 GA1
    with Driver Level D12K at EAL5+
  • IBM RACF as part of z/OS version 1 release 13 at EAL5

IBM has also recently provided Common Criteria evaluations of:

  • IBM z/OS Version 1, Release 13

Additionally IBM has been awarded certificates for demonstrating FIPS 140-2 compliance for cryptographic modules in the zEnterprise systems including:

  • IBM z/VM Version 6 Release 1 System SSL Cryptographic Module
  • IBM z/OS Version 1 Release 13 ICSF PKCS#11 Cryptographic Module
  • IBM z/OS Version 1 Release 13 System SSL Cryptographic Module
  • IBM 4765 Cryptographic Coprocessor Security Module
  • IBM LTO Generation 5 Encrypting Tape Drive
  • IBM Crypto for C

atsec applauds the commitment of IBM in providing demonstrable security assurance of complex technologies to their customers.

IBM, z/OS, z/VM, PR/SM, zEnterprise are trademarks of IBM Corporation.

About atsec information security
atsec information security is an independent, standards-based information technology security services company.
atsec's services include formal laboratory testing and evaluation of security assurance for commercial off the shelf (COTS) information technology including evaluations under national Common Criteria schemes in the U.S., Germany, and Sweden.
In addition, atsec operates a Cryptographic and Security Testing Laboratory providing testing to U.S. national product conformance standards such as cryptography standards approved by NIST, FIPS 140-2, FIPS 201, TWIC and the GSA Evaluation Program.
atsec also offers information security consultancy
atsec works with any company, regardless of size or locale, that is serious about IT security.