MRA recognition for components CCRA recognition for components
up to EAL 4 and ALC_FLR only up to EAL 2 and ALC_FLR only
@
centro criptolégico nacional
CERTIFICATE
CCN-CC-32/2023
Microsoft SQL Server 2022 Database Engine Enterprise Edition x64
(English) version 16.0.4025.1
Type of product Database Management System
Conformanceof functionality Product specific Security Target — CC Part 2 conformant
Evaluation Facility DEKRA Testing and Certification S.A.U.
Certification Report CCN- CCN-CC/2022-34/INF-4109
Expiration Date See Certification Report
Pursuantto the authority vested in me under Act 11/2002 regulating the National Intelligence
Centre, and underArticle 1 and Article 2.2.c of Royal Decree 421/2004 of March 12th
regulating the National Cryptologic Centre, | hereby:
Certify that the security of Microsoft SQL Server 2022 Database Engine Enterprise Edition x64
(English) version 16.0.4025.1, requested by Microsoft Corporation, 1 Microsoft Way, Redmond,
WA 98052, U.S.A., has been evaluated using Common Methodology for Information
Technology Security Evaluation/Common Criteria for Information Technology Security
Evaluation version 3.1 release 5, and it has met the requirements of its Security Target
identified as “Microsoft SQL Server 2022 Database Engine CommonCriteria Evaluation (EAL4+)
Security Target (version: 1.3, 2023-04-14)”, for evaluation assurance level EAL4 + ALC_FLR.3.
This certificate, its scope and validity are subject to the terms, conditions and requirements specified in the
“Reglamento de Evaluación y Certificación de la Seguridad de las T.I.C.” at PRE/2740/2007, September19th.
Madrid, 30 August 2023
Secretary of State Director
his
tdo
Esperanza Castelgiro Llamazares
ENAC
CERTIFICACIÓN
150 17065
N°45/C-PRIIO
The above-mentioned Security Target and Certification Report are available at the National Cryptologic Centre.
This certificate will come into effect the following day that the associated certificate resolution
signed by the Secretary of State Director of CCNis published in the Official State Gazette (B.O.E
— https://www.boe.es).
The IT product identified in this certificate has been evaluated at an accredited and
licensed/approved evaluation facility using the Common Methodology for Information
Technology Security Evaluation/Common Criteria for Information Technology Security
Evaluation version 3.1 release 5 and CC Supporting Documents as listed in the Certification
Report. This certificate applies only to the specific version and release of the product in its
evaluated configuration and in conjunction with the complete Certification Report. The
evaluation has been conducted in accordance with the provisions of the Spanish IT Security
Evaluation and Certification Scheme, PRE/2740/2007 Septemberthe 19th, and the conclusions
of the evaluation facility in the evaluation technical report are consistent with the evidence
adduced.This certificate is not an endorsement of the IT product by the Spanish Schemeor by
any otherorganisation that recognisesor gives effect to this certificate, and no warranty of the
IT product by the Spanish Schemeorby anyother organisation that recognises or gives effect
to this certificate, is either expressed or implied.