Microsoft SQL Server 2000 C2 Evaluation

In August, 2000, the US Government announced that Microsoft SQL Server 2000 had completed a successful evaluation at the C2 level according to the Trusted Database Interpretation (TDI) of the Trusted Computer System Evaluation Criteria (TCSEC).

The C2 evaluation applies to the originally-released version of SQL Server 2000 - that is, no service packs or patches need to be installed - when configured per the Trusted Facility Manual and running on Windows NT 4.0 in any of its C2-evaluated configurations.

The TCSEC provides an evaluation by an independent third party against standardized criteria and according to a formal methodology known as the Trust Technology Assessment Program (TTAP). The evaluation carries the imprimatur of a trusted third party that has scrutinized the product and assessed the security it can provide. Microsoft worked with SAIC, an approved TTAP laboratory, to ensure that it fully met all documentation and testing requirements.

The TTAP evaluates the security features that a product provides and the assurance that the product correctly and fully implements them. The security features that are required at the C2 level include:

  • Mandatory identification and authentication of all users on the system - The ability of the system to identify authorized users and to allow only them to access system resources

  • Discretionary access control - The ability for users to protect their data as they desire.

  • Accountability and Auditing - The ability of the system to thoroughly audit user and system actions.

  • Object Reuse - The ability of the system to prevent users from obtaining information from resources that previously were used by others, for example, memory that has been released or files that have been deleted.

The assurance requirements at the C2 level include:

  • Examination of source code

  • Examination of detailed design documentation

  • Retesting to ensure that any errors identified during the evaluation have been corrected.

  • Penetration testing