CERTIFICACIÓN
N°45/C-PR110
CCRA recognition for components
up to EAL 4 and ALC_FLR only up to EAL 2 and ALC_FLR only
A
centro criptoldgico nacional
CERTIFICATE
CCN-CC-17/2022
Microsoft SQL Server 2019 Database Engine Enterprise Edition x64
(English), version 15.0.4178.1
Type of product Database Management System
Conformanceof functionality PP Conformance functionality
Protection Profile Conformance DBMS Working Group Technical Community Protection Profile for
Database ManagementSystems Base Package (v2.12,
23/03/2017), and DBMS Protection Profile Extended Package-
AccessHistory (v1.02, 23/03/2017)
Evaluation Facility DEKRATesting and Certification S.A.U.
Certification Report CCN-CC/2019-45/INF-3781
Expiration Date See Certification Report
Pursuantto the authority vested in me under Act 11/2002 regulating the NationalIntelligence Centre,
and underArticle 1 and Article 2.2.c of Royal Decree 421/2004 of March 12th regulating the National
Cryptologic Centre, | hereby:
Certify that the security of Microsoft SQL Server 2019 Database Engine Enterprise Edition x64 (English),
version 15.0.4178.1, requested by Microsoft Corporation, 1 Microsoft Way, Redmond, WA 98052
(U.S.A.), has been evaluated using Common Methodology for Information Technology Security
Evaluation/CommonCriteria for Information Technology Security Evaluation version 3.1 release 5, andit
has met the requirements of its Security Target identified as “Microsoft SQL Server 2019 Database
Engine CommonCriteria Evaluation (EAL4+) Security Target (version: 1.5, date: 2022-03-25)”, for
evaluation assurance level EAL4 + ALC_FLR.3.
Madrid, 29 March 2022
ate Director
This certificate, its scope and validity are subject to the terms, conditions and requirements specified in the
“Reglamento de Evaluación y Certificación de la Seguridad de las T.I.C.” at PRE/2740/2007, September19th.
The above-mentionedSecurity Target and Certification Report are available at the National Cryptologic Centre.
This certificate will come into effect the following day that the associated certificate resolution signed by
the Secretary of State Director of CCN is published in the Official State Gazette (B.O.E —
https://www.boe.es).
The IT product identified in this certificate has been evaluated at an accredited and licensed/approved
evaluation facility using the Common Methodology for Information Technology Security
Evaluation/CommonCriteria for Information Technology Security Evaluation version 3.1 release 5 and
CC Supporting Documentsaslisted in the Certification Report. This certificate applies only to the specific
version and release of the product in its evaluated configuration and in conjunction with the complete
Certification Report. The evaluation has been conducted in accordance with the provisions of the
Spanish IT Security Evaluation and Certification Scheme, PRE/2740/2007 September the 19th, and the
“conclusionsof the evaluation facility in the evaluation technical report are consistent with the evidence
adduced. This certificate is not an endorsementof the IT product by the Spanish Schemeorby any other
organisation that recognises orgives effect to this certificate, and no warranty of the IT product by the
Spanish Schemeor by any other organisation that recognises or gives effect to this certificate, is either
expressedor implied.