CA Technologies announced Thursday that its Mainframe Security Management products have met the rigorous requirements of Common Criteria, an independent security certification recognized by governments in more than 26 countries, including the United States.
CA ACF2 r14 SP1 for z/OS and CA Top Secret r14 SP1 for z/OS received Common Criteria Evaluation Assurance Level 4+ from the National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS). The CCEVS certification standards address product functionality, development environment, documentation and product testing.
"Our customers, particularly government organizations, need to have confidence that our access control products meet the highest published security standards," said Dayton Semerjian, general manager, Mainframe at CA Technologies. "By participating in the CCEVS evaluation and meeting its rigorous criteria, we are responding to this important requirement."
Certification is granted when a Common Criteria testing laboratory determines that a product meets a defined measure of security.
Both evaluations were done in Booz Allen Hamilton’s Common Criteria Testing Laboratory (CCTL). The Booz Allen Hamilton lab is one of only nine U.S.-based CCTLs approved by NIAP and meets the Common Criteria Evaluation and Validation Scheme. The Booz Allen CCTL conducts IT security evaluations for conformance to the Common Criteria for Information Technology Security Evaluation, International Standard ISO/IEC 18045:2005.
CA ACF2 and CA Top Secret provide comprehensive access control for IBM z/OS resources across operating systems, subsystems, third-party software and databases, which includes externalized security controls for Unix System Services (USS), as well as CICS DB2, and IMS transaction and database management subsystems. Both CA ACF2 and CA Top Secret enable customers to monitor and adjust their security policies, accommodating virtually all organizational structures.
Recent CA Technologies Common Criteria evaluations include CA Federation Manager r12 SP1 deployed on CA SiteMinder and CA Identity Manager r12.5.