Red Hat Certificate System achieves Common Criteria certification

With cybersecurity front and center for CIOs across the public and private sectors, providing infrastructure technologies that meet the stringent security needs for sensitive production applications is critical. Today, we’re pleased to expand Red Hat’s offerings of open technologies to power the world’s most critical workloads with the Common Criteria certification of Red Hat Certificate System.

Red Hat Certificate System is a portfolio of technologies that establish and maintain identities and helps keep communications private. Simplifying public key cryptography deployments and data encryption management, Red Hat Certificate System has been trusted for over a decade to power many of the world’s largest cryptographic key management deployments, such as the U.S. Department of Defense PKI system.

Through achieving Common Criteria certification, Red Hat Certificate System has demonstrated conformance to an internationally recognized set of security and functionality standards. Certifying against these standards attests that Red Hat Certificate System, the operating system running it, and the underlying hardware platform, can meet the highly-regulated and security-conscious needs of governments and commercial organizations around the globe.

Additionally, Red Hat Certificate System 9.4 is now an approved Certificate Authority component for Commercial Solutions for Classified (CSfC) solutions and is included in the CSfC Certificate Authority Components List. This program, established by the National Security Agency (NSA), enables commercial products to be used in layered solutions protecting National Security System (NSS) data. More information on CSfC can be found at https://www.nsa.gov/resources/everyone/csfc/.

Red Hat Certificate System 9.4 was certified using nCipher Security (formerly Thales) nShield hardware security modules (HSM) to provide a hardened, tamper-resistant environment to enable secure cryptographic processing. The nCipher HSM complements Red Hat Certificate System by providing FIPS-certified key storage.

Supporting documentation for the Red Hat Certificate System certification include:

• Common Criteria Certificate

• Security Target

• Validation Report

• Assurance Activity Report

• Administrative Guide (Common Criteria Edition)

“We’re pleased to have worked with Red Hat to validate Red Hat Certificate System 9.4 against the latest Common Criteria standards using nCipher nShield HSM,” said Cindy Provin, senior vice president, Entrust Datacard and General Manager of nCipher Security. “nShield provides a customizable, flexible and more secure environment for running classified and highly-sensitive workloads across a wide range of deployment scenarios”

The Red Hat portfolio of hybrid cloud technologies supports a wide range of government and high-security standards, including Common Criteria, FIPS 140-2 and NIST National Checklists. For more information on Red Hat Certificate System and how it helps to support scalable identity management and more secure communications, read more here.

Amy Farley is product manager, Idenitty Management, at Red Hat.