Common Criteria
Meet your data security compliance requirements by delivering products with globally-recognized Common Criteria certification
The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification.
Common Criteria provides assurance that IT security products have been specified and evaluated in a rigorous and repeatable manner and at a level commensurate with the target environment for use.
Originally developed to unify and supersede national IT security certification schemes from several different countries, including the US, Canada, Germany, the UK, France, Australia and New Zealand, Common Criteria is now the widest available mutual recognition of secure IT products.
Entrust nShield HSMs deliver security that has been tested and certified against the rigorous Common Criteria standard, helping you comply with regulations while also giving you the confidence you need in your security solution.
Overview
Security Standard
Common Criteria certified solutions are required by governments and enterprises around the world to protect their mission-critical infrastructures. Common Criteria is often a pre-requisite for qualified digital signatures under the European Union digital signature laws. Additionally, U.S. Government customers frequently request products that are National Information Assurance Partnership (NIAP) listed, which requires Common Criteria certification.
The Common Criteria standard provides an assurance on different aspects of product security covering areas such as:
- Development of the product and related functional specification, high-level design, security architecture and or implementation design
- Guidance of the product and related manual for the secure deployment and preparation of the product
- Life-cycle of the document and all related process applicable during the creation of the product such as configuration management or secure development process and tools used to the deployment and retirement of the product with the life-cycle design and delivery process
- Supporting security policy documentation
- Tests of the product and particularly coverage of the functional security requirement
- Vulnerability assessments
Certification Authorities
Common Criteria is an international standard (ISO/IEC 15408). The Common Criteria Development Board managed the technical work program for the maintenance and ongoing development of the CC set of documentation.
Two majors recognition agreements exist in the Common Criteria:
- Common Criteria Recognition Arrangement (or CCRA) that comprises 28 countries across all continents, and recognizing the Common Criteria certification up to the level EAL 2 of secure IT products by the CCRA authorizing members
- Senior Official Group – Information Systems Security (or SOG-IS) that comprises 15 countries from Europe, and recognizing the certification Common Criteria up to the level EAL 7 of secure IT products depending on the level of the SOG-IS members
Compliance Overview
Entrust nShield HSM Support for the Common Criteria Standard
The nShield Solo XC and nShield Connect XC are certified to Common Criteria EAL4+ AVA_VAN.5 and ALC_FLR.2, meeting the requirements of the EN 419 221-5 Common Criteria Protection Profile. This Protection Profile has become the industry standard for hardware security modules used for electronic signatures meeting the eIDAS Regulation.
With this certification, customers can use the nShield XC HSM as an EN 419 221-5 certified cryptographic module to develop eIDAS compliant systems.
nShield Connect, nShield Connect+, nShield Solo and nShield Solo+ hardware security modules (HSMs) have been certified to EAL4+ (AVA_VAN.5).
Entrust earned Common Criteria certification for nShield HSMs from the Italian certification agency, Organismo di Certificazione della Sicurezza Informatica (OCSI). This OCSI certification recognizes nShield HSMs as Qualified Signature Creation Devices (QSCDs). By way of this QSCD recognition, nShield HSMs comply to eIDAS (Article 51, Transitional Measures).
The Entrust nShield HSM Common Criteria certification can be found here.
Product Compliance Detail
Please find a summary of nShield Common Criteria and other certifications
Entrust nShield HSM Common Criteria and Other Security Certifications
Resources
Brochures : Entrust nShield HSM Family Brochure
Entrust nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more. Available in three FIPS 140-2 certified form factors, EntrustnShield HSMs support a variety of deployment scenarios.
Entrust nShield HSM Family Brochure
Data Sheet : nShield Connect
Entrust nShield Connect HSMs are certified, networked appliances that deliver cryptographic key services to applications distributed across servers and virtual machines.
Entrust nShield Connect Data Sheet
Data Sheet : nShield Solo
Entrust nShield Solo HSMs are certified PCI-e card-based solutions that deliver cryptographic key services to applications hosted on individual servers and appliances.