Rainbow Series on:
[Wikipedia]
[Google]
[Amazon]
The Rainbow Series (sometimes known as the Rainbow Books) is a series of
Rainbow Series
from
Rainbow Series
from Archive of Information Assurance Computer security standards
The Rainbow Series (sometimes known as the Rainbow Books) is a series of computer security
Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, t ...
standards and guidelines published by the United States
The United States of America (U.S.A. or USA), commonly known as the United States (U.S. or US) or America, is a country Continental United States, primarily located in North America. It consists of 50 U.S. state, states, a Washington, D.C., ...
government in the 1980s and 1990s. They were originally published by the U.S. Department of Defense Computer Security Center, and then by the National Computer Security Center.
Objective
These standards describe a process of evaluation for trusted systems. In some cases, U.S. government entities (as well as private firms) would require formal validation of computer technology using this process as part of theirprocurement
Procurement is the method of discovering and agreeing to terms and purchasing goods, services, or other works from an external source, often with the use of a tendering or competitive bidding process. When a government agency buys goods or s ...
criteria. Many of these standards have influenced, and have been superseded by, the Common Criteria
The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard ( ISO/IEC 15408) for computer security certification. It is currently in version 3.1 revision 5.
Common Criteria ...
.
The books have nicknames based on the color of its cover. For example, the Trusted Computer System Evaluation Criteria was referred to as "The Orange Book." In the book entitled ''Applied Cryptography'', security expert Bruce Schneier
Bruce Schneier (; born January 15, 1963) is an American cryptographer, computer security professional, privacy specialist, and writer. Schneier is a Lecturer in Public Policy at the Harvard Kennedy School and a Fellow at the Berkman Klein Cente ...
states of NCSC-TG-021 that he "can't even begin to describe the color of hecover" and that some of the books in this series have "hideously colored covers." He then goes on to describe how to receive a copy of them, saying "Don't tell them I sent you."
Most significant Rainbow Series books
References
{{reflistExternal links
Rainbow Series
from
Federation of American Scientists
The Federation of American Scientists (FAS) is an American nonprofit global policy think tank with the stated intent of using science and scientific analysis to attempt to make the world more secure. FAS was founded in 1946 by scientists who w ...
, with more explanation
Rainbow Series
from Archive of Information Assurance Computer security standards