Common Criteria Certification
The Common Criteria for Information Technology Security Evaluation is an international security standard which evolved out of three standards: The European ITSEC, the Canadian CTCPEC and the US TCSEC standard. Within the International Standards Organisation it is covered with standard ISO/IEC 15408.
SAP is firmly committed to fulfilling its customers’ needs regarding security functionality and assurance. The Common Criteria certification proves that SAP designs processes and develops its products in accordance with this international standard to ensure the highest level of security.
Common Criteria Certified SAP Products:
- SAP NetWeaver Application Server Java 7.00 Enhancement Package 2, EAL4+
- SAP NetWeaver Application Server ABAP 7.00 Enhancement Package 2, EAL4+
For more detailed information, see SAP Service Marketplace (login required):
FIPS 140-2 Certification
The Federal Information Processing Standard (FIPS) 140 is a standard that defines a set of security requirements for products that implement cryptography. It ensures that these products work securely and as designed to guarantee protection for your sensitive business data.
FIPS 140-2 Certification:
- SAP CommonCryptoLib Crypto Kernel version 18.104.22.168
- SAP Single Sign-On 2.0 Secure Login Library Crypto Kernel
For more detailed information, see:
- Blog New FIPS certificate for SAP’s CommonCryptoLib Crypto Kernel
- Blog SAP’s Crypto Kernel Receives FIPS 140-2 Certificate
- SAP Note 2117112 (login required)
- SAP Insider article Is your data properly protected?