Security Compliance & Certifications for 20.04

Ubuntu goes through several rigorous security certifications and programs and these pages are dedicated to them. All certification artefacts are available with an Ubuntu Pro subscription.

FIPS 140

Federal Information Processing Standards Publications (FIPS) are issued by the National Institute of Standards and Technology (NIST). FIPS 140-2 specifies the security requirements for cryptographic modules. These requirements address the areas of secure design and implementation.

Ubuntu LTS releases starting with 16.04 (Xenial) come with FIPS validated cryptographic packages, including the Linux kernel and OpenSSL. The full list of packages and certificates is available here.

For more information on FIPS certification on Ubuntu see the FIPS Information and Installation Guide.

CIS

Ubuntu LTS releases starting with 16.04 (Xenial) have compliance benchmark documents developed by the Center for Internet Security (CIS). Ubuntu with has developed the Ubuntu Security Guide to automate hardening Ubuntu LTS systems based off of the published CIS benchmarks.

For more information see

DISA-STIG

Security Technical Implementation Guides (STIG) are developed by the Defense Information System Agency (DISA) for the U.S. Department of Defense (DoD). Ubuntu with Ubuntu Pro and Ubuntu Advantage have the necessary certifications and controls to comply with DISA-STIG guidelines.

The DISA-STIG section demonstrates how to automatically apply the DISA-STIG rules for 20.04, as well as how to audit the system.

Common Criteria

Common Criteria for Information Technology Security Evaluation (CC) is an international standard. The CC provides a common set of requirements for the security functionality of IT products and for assurance measures applied to these IT products during a security evaluation.

Common Criteria certified packages are available for Ubuntu 16.04 & 18.04 LTS. Later releases have not been evaluated against this standard.

For more information on the Common Criteria certification on Ubuntu see the Common Criteria Guide.

Navigation

Documentation versions
Path Version
2204 22.04
20.04
16-18 16.04 / 18.04
Navigation
Level Path Navlink
0 security-certifications Security Certifications
1 fips FIPS 140
2 fips-enablement Enabling FIPS
2 fips-updates Security patching
2 fips-details Detailed certification information
2 fips-cloud-containers FIPS for clouds and containers
2 fips-devel Developing for FIPS
2 fips-faq FIPS FAQ
1 usg Ubuntu Security Guide
2 usg/installation Installation
2 usg/cis CIS compliance
3 usg/cis/audit Audit
3 usg/cis/compliance Compliance
3 usg/cis/customization Customization
1 disa-stig DISA-STIG compliance
2 disa-stig/installation Installation
2 disa-stig/audit Audit
2 disa-stig/compliance Compliance

Redirects

Mapping table
Path Location
/security/certifications/docs/cis-20-18-16 /security/certifications/docs/16-18/cis
/security/certifications/docs/cis-manual-requirements /security/certifications/docs/16-18/cis/customization
/security/certifications/docs/cis-ruleset-params /security/certifications/docs/16-18/cis/customization2
/security/certifications/docs/cis-juju /security/certifications/docs/16-18/cis/juju
/security/certifications/docs/cis-18-16 /security/certifications/docs/16-18/cis
/security/certifications/docs/cc-16 /security/certifications/docs/16-18/cc
/security/certifications/docs/cc /security/certifications/docs/16-18/cc
/security/certifications/docs/fips-updates /security/certifications/docs/fips
/security/certifications/docs/fips-16 /security/certifications/docs/16-18/fips
/security/certifications/docs/cis-audit /security/certifications/docs/usg/cis/audit
/security/certifications/docs/cis-compliance /security/certifications/docs/usg/cis/compliance
/security/certifications/docs/cis /security/certifications/docs/usg/cis