Security Compliance & Certifications for 22.04

Security Certification Documentation
#1

Ubuntu goes through several rigorous security certifications and programs and these pages are dedicated to them. All certification artefacts are available with an Ubuntu Pro subscription.

FIPS 140

Federal Information Processing Standards Publications (FIPS) are issued by the National Institute of Standards and Technology (NIST). FIPS 140 specifies the security requirements for cryptographic modules. These requirements address the areas of secure design and implementation.

Ubuntu LTS releases starting with 16.04 (Xenial) come with FIPS validated cryptographic packages, including the Linux kernel and OpenSSL. The full list of packages and certificates is available here.

Ubuntu 22.04 LTS is being certified against the new FIPS 140-3 standard. The cryptographic modules are reviewed by an independent testing lab before being officially certified by NIST. The list of modules in the testing phase is here, and the list of modules undergoing certification by NIST is here.

CIS

Ubuntu LTS releases starting with 16.04 (Xenial) have compliance benchmark documents developed by the Center for Internet Security (CIS). Ubuntu with has developed the Ubuntu Security Guide to automate hardening Ubuntu LTS systems based off of the published CIS benchmarks. CIS benchmarks are available with the Ubuntu Security Guide for 22.04 LTS.

For more information see

DISA-STIG

Security Technical Implementation Guides (STIG) are developed by the Defense Information System Agency (DISA) for the U.S. Department of Defense (DoD). Ubuntu 22.04 is undergoing evaluation by DISA and when the STIG is produced it will be incorporated into the Ubuntu Security Guide.

Navigation

Documentation versions
Path Version
2204 22.04
20.04
16-18 16.04 / 18.04
Navigation
Level Path Navlink
0 security-certifications Security Certifications
1 fips FIPS 140
2 fips-enablement Enabling FIPS
2 fips-updates Security patching
2 fips-details Detailed certification information
2 fips-cloud-containers FIPS for clouds and containers
2 fips-devel Developing for FIPS
2 fips-faq FIPS FAQ
1 usg Ubuntu Security Guide
2 usg/installation Installation
2 usg/cis CIS compliance
3 usg/cis/audit Audit
3 usg/cis/compliance Compliance
3 usg/cis/customization Customization
1 disa-stig DISA-STIG compliance
2 disa-stig/installation Installation
2 disa-stig/audit Audit
2 disa-stig/compliance Compliance

Redirects

Mapping table
Path Location
/security/certifications/docs/cis-20-18-16 /security/certifications/docs/16-18/cis
/security/certifications/docs/cis-manual-requirements /security/certifications/docs/16-18/cis/customization
/security/certifications/docs/cis-ruleset-params /security/certifications/docs/16-18/cis/customization2
/security/certifications/docs/cis-juju /security/certifications/docs/16-18/cis/juju
/security/certifications/docs/cis-18-16 /security/certifications/docs/16-18/cis
/security/certifications/docs/cc-16 /security/certifications/docs/16-18/cc
/security/certifications/docs/cc /security/certifications/docs/16-18/cc
/security/certifications/docs/fips-updates /security/certifications/docs/fips
/security/certifications/docs/fips-16 /security/certifications/docs/16-18/fips
/security/certifications/docs/cis-audit /security/certifications/docs/usg/cis/audit
/security/certifications/docs/cis-compliance /security/certifications/docs/usg/cis/compliance
/security/certifications/docs/cis /security/certifications/docs/usg/cis
2 Likes
#2

This is great to hear! Is there any way to get notifications for when 22.04 has the relevant FIPS compliance modules released? Or is there some beta channel I can use for dev/test environments?