The Open Group Protection Profiles
"Establishing Consistent Certification Processes"
You are here: Security Forum > Protection Profiles

Welcome to the Security Forum's Protection Profiles (PP) website.

Protection Profiles and Common Criteria

The Common Criteria Certification process is moving to a new methodology of certification called a Protection Profile, focused on establishing a consistent certification process for each product type.

Initial Project Objective

The initial stimulus for this Protection Profile Working Group (PPWG) arises from recommendations from the US Common Critieria Evaluators to develop a Protection Profile for Java EE Application Server, to facilitate product suppliers certifying their product offerings under Common Criteria standards.  Initial participants in this activity are Oracle, RedHat and IBM.

The initial Protection Profiles project objectives are:

  • define a Common Criteria Protection Profile for Java EE Application Servers acceptable to the certifying labs of CCRA, that all vendors can agree upon and adhere to
  • examine past evaluation for Jboss, WebLogic, and WebSphere to establish a bases for developing a new Prottection Profile for Java EE Application Servers
  • submit the Protection Profile to NIAP for acceptance.


The key benefits from this Protection Profiles project are:

  • provide a commonly accepted mechanism for a testable and repeatable process for verifying the security aspects of selected products
  • assist suppliers in preparing their products for certification by having a well defined specification for achieving compliance.
Bulletin Boards  
(No Bulletin Boards available)

Design Document Add Help with Documents
23-Jan-14 (latest change) 1 Documents


If you experience any problems with broken links, or incorrect or unexpected functionality, click here to request help.
   |   Legal Notices & Terms of Use   |   Privacy Statement   |   Top of Page   Return to Top of Page
  PHPlato: 2.0 (682) [p]