Appendix H. Common Criteria

Common Criteria is a scheme for independent assessment, analysis, and testing of IT products to a set of security requirements. The Common Criteria Scheme provides consumers with an impartial security assurance of a product to predefined levels. These levels range from EAL0 to EAL7, each assurance level places increased demands on the developer for evidence of testing, and provides increased assurance within the product.

WebSphere MQ V5.3.0.2 with Corrective Service Diskette (CSD) 6, has been evaluated to Common Criteria EAL2. This provides assurance that the product has been structurally tested.

Under the Common Criteria Recognition Arrangement (CCRA), countries agree to recognize Common Criteria certificates that have been produced by any certificate authorizing participant, in accordance with the terms laid out in the CCRA. Currently, the CCRA is comprised of nineteen member nations: Australia, Austria, Canada, Finland, France, Germany, Greece, Hungary, Israel, Italy, Japan, the Netherlands, New Zealand, Norway, Spain, Sweden, Turkey, the United Kingdom, and the United States. New members are expected to join in the near future.

You can find further information on the Common Criteria scheme at the following Web site: http://www.csrc.nist.gov/cc