Microsoft certificate template

Business Editors/Hi-Tech Writers

MCLEAN, Va.--(BUSINESS WIRE)--Oct. 29, 2002

Science Applications International Corporation (SAIC) today announced that it has received a National Information Assurance Partnership (NIAP) Common Criteria certificate for successfully performing the evaluation of the Microsoft Windows 2000 operating system.

SAIC's Common Criteria Testing Laboratory (CCTL) performed the evaluation and received the certificate at the Federal Information Assurance Conference (FIAC) 2002 in College Park, Md.

"SAIC is proud to have contributed to this Common Criteria milestone event and congratulates Microsoft for attaining this significant achievement in computer security," said Duane Andrews, SAIC corporate executive vice president

The Windows 2000 operating system evaluation was conducted in accordance with ISO 15048 Common Criteria Evaluation Assurance Level (EAL) Level 4 Augmented requirements and was evaluated against the Common Criteria Controlled Access Protection Profile, which is consistent with the commercial-level information security requirements for the Department of Defense (DoD).

An EAL4 is the highest evaluation rating that a commercial CCTL can perform and Windows 2000 is the first operating system to achieve an EAL4 rating under the United States Common Criteria Evaluation and Validation Scheme (CCEVS).

"The SAIC CCTL took on a complex challenge, and we were successful in completing the evaluation of the Windows 2000 operation system," said Tammy Compton, co-director of the SAIC CCTL, and the leader of the evaluation team. "The common criteria evaluation methodologies we used were applied to Windows 2000 without using evidence from any previous evaluations. This led to the completion of one of the more challenging projects we have conducted, and we are confident of more successful evaluations in the near future."

"We have embraced the Common Criteria evaluation process from its inception, because we saw the high quality bar for security we could provide to customers," said Bill Veghte, corporate vice president, Windows Server Group, Microsoft Corp. "With CC certification and the support resources we are releasing today, customers now have an internationally-recognized template for Windows 2000 that enables them to build an IT system for secure computing beyond that of any other commercially-available platform today."

Located in Columbia, Md., the SAIC CCTL is a division of SAIC's Secure Business Solutions and was accredited by the National Voluntary Laboratory Accreditation Program (NVLAP) in August 2000. SAIC CCTL was one of the first commercial laboratories to be listed in the NIAP's CCEVS.

SAIC's Secure Business Solutions provides security solutions for networks and business systems. Its 500 engineers can assess, test, design, certify, deploy, and manage solutions for information and physical security, and train organizations to be a core part of overall security solutions.

SAIC is the nation's largest employee-owned research and engineering company, providing information technology, systems integration and eSolutions to commercial and government customers. SAIC engineers and scientists work to solve complex technical problems in national and homeland security, energy, the environment, space, telecommunications, health care and transportation.

With annual revenues of $6.1 billion, SAIC and its subsidiaries, including Telcordia Technologies, have more than 40,000 employees at offices in more than 150 cities worldwide. More information about SAIC can be found on the Internet at www.saic.com.

Statements in this announcement other than historical data and information constitute forward-looking statements that involve risks and uncertainties. A number of factors could cause our actual results, performance, achievements or industry results to be very different from the results, performance or achievements expressed or implied by such forward-looking statements.

Some of these factors include, but are not limited to, the risk factors set forth in the Company's Annual Report on Form 10-K for the period ended January 31, 2002, and such other filings that the Company makes with the SEC from time to time. Due to such uncertainties and risks, readers are cautioned not to place undue reliance on such forward-looking statements, which speak only as of the date hereof.