Common Criteria Certification
To comply with Evaluation Assurance Level 4+, in addition to enabling the common criteria compliance enabled option, you must also run a script that finishes configuring SQL Server as a certified version. For more information and a sample of a compliant script, see the Microsoft SQL Server Common Criteria Web site.
About the Common Criteria
Ratified as an international standard in 1999, the Common Criteria supersedes several older evaluation schemes including the U.S. Trusted Computer Systems Evaluation Criteria (TCSEC) (which specified the well-known Class C2 rating), the European Information Technology Security Evaluation Criteria (ITSEC), and the Canadian Trusted Computer Product Evaluation Criteria (CTCPEC). The Common Criteria was designed by a group of nations to improve the availability of security-enhanced IT products, help users evaluate IT products for purchase, and contribute to consumer confidence in IT product security. An international body composed of more than 20 nations maintains the Common Criteria, which is recognized by the International Standards Organization (ISO) as ISO standard 15408. For more information, see the Common Criteria portal home page.