Oracle is working with Red Hat to gain an internationally recognised Linux security certification, hoping to woo security conscious public sector customers.

The pair will submit Red Hat Advanced Server to the International Standards Organisation's ISO 15408 scrutiny, in an effort to gain Evaluation Assurance Level 2 certification.

The submission follows Red Hat's success in gaining the Defense Information System Agency Common Operating Environment (COE) certification from the US Department of Defense.

COE certification is recognised across US federal government as one of the most rigorous computing evaluations but, unlike ISO 15408, it does not have an international standing.

Mark de Visser, vice president of marketing at Red Hat, told vnunet.com: "There was so much lobbying for Linux in the Department of Defense.

"Now that's over it will be far easier for US government departments to adopt Linux. But ISO 15408 accreditation will materially impact the UK and other countries."

Mike Davis, senior researcher at analyst Butler Group, indicated that certification is another step towards credibility for Red Hat.

"Government players are big users of Oracle, so a tie up is very sensible," he said. "Oracle's memorandum of understanding with the UK government for low-cost [database and advanced server] versions for the public sector shows this."

Oracle claimed that security-aware customers are increasingly interested in deploying Linux.

The COE certification was completed on IBM xSeries 330 hardware without Oracle's involvement. For now, the company will pursue Oracle9i RAC segmentation on the COE-certified software.

ISO 15408, better known as 'The Common Criteria for IT Security Evaluations', or simply 'CC', was developed jointly by national security organisations in the UK, the US, Canada, France, Germany and The Netherlands.

It is now recognised by a total of 14 countries and the list is growing.

CC evaluations involve rigorous analysis and testing of all aspects of a product or system, exploring the developer's processes, implementation and documentation.

De Visser suggested that security is also driving corporate demand for Linux desktops.

"Linux provides a significant leg up over Windows. An enterprise security strategy is unmanageable with too large a Windows [desktop] presence," he said.

Davis added that this is a valid argument, because it is easy to strip out unwanted functionality from Linux thereby making it more secure.

Get the latest news, views and technology updates in a weekly round up of the Penguin's unstoppable march by signing up to vnunet.com's FREE Linux newsletter here.