
Common Criteria Certification for Windows Mobile 6.1

Saw this as Jason’s blog :


I got some great news yesterday that Windows Mobile 6.1 has just gained Common Criteria Certification!

If you aren't familiar with Common Criteria then Wikipedia helps :)

The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security.

Common Criteria is based upon a framework in which computer system users can specify their security requirements, vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine if they actually meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner

Our team headed up by Jon Wall has been working really hard on this so it's great to see that it has now been announced!

Microsoft Windows Mobile 6.1 completed evaluation to Common Criteria EAL 2 augmented with Flaw Remediation (ALC_FLR.1) in the AISEP on 7 August 2008.

The Windows Mobile 6.1 evaluation builds on and extends the core security features of the Microsoft Windows Mobile 6 evaluation at EAL 2+.

Further details about the scope of the evaluation can be found HERE

This is very significant. Now Windows Mobile 6.1 can be considered as very secure (rated by the US Government)
