Rainbow Series (Peter Pohl)
   HOME

TheInfoList



Click Here for Items Related To - Rainbow Series (Peter Pohl)
OR:
Rainbow Series (Peter Pohl) on:   [Wikipedia]   [Google]   [Amazon]

The Rainbow Series (sometimes known as the Rainbow Books) is a series of
computer security Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and computer network, n ...
standards and guidelines published by the
United States The United States of America (USA), also known as the United States (U.S.) or America, is a country primarily located in North America. It is a federal republic of 50 U.S. state, states and a federal capital district, Washington, D.C. The 48 ...
government in the 1980s and 1990s. They were originally published by the
U.S. Department of Defense The United States Department of Defense (DoD, USDOD, or DOD) is an executive department of the U.S. federal government charged with coordinating and supervising the six U.S. armed services: the Army, Navy, Marines, Air Force, Space Force, t ...
Computer Security Center, and then by the
National Computer Security Center The National Security Agency (NSA) is an intelligence agency of the United States Department of Defense, under the authority of the director of national intelligence (DNI). The NSA is responsible for global monitoring, collection, and proces ...
.


Objective

These standards describe a process of evaluation for
trusted system In the security engineering subspecialty of computer science, a trusted system is one that is relied upon to a specified extent to enforce a specified security policy. This is equivalent to saying that a trusted system is one whose failure would bre ...
s. In some cases, U.S. government entities (as well as private firms) would require formal validation of computer technology using this process as part of their
procurement Procurement is the process of locating and agreeing to terms and purchasing goods, services, or other works from an external source, often with the use of a tendering or competitive bidding process. The term may also refer to a contractual ...
criteria. Many of these standards have influenced, and have been superseded by, the
Common Criteria The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard (International Organization for Standardization, ISO/International Electrotechnical Commission, IEC 15408) for co ...
. The books have nicknames based on the color of its cover. For example, the
Trusted Computer System Evaluation Criteria Trusted Computer System Evaluation Criteria (TCSEC) is a United States Government Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system. The TC ...
was referred to as "The Orange Book." In the book entitled ''Applied Cryptography'', security expert
Bruce Schneier Bruce Schneier (; born January 15, 1963) is an American cryptographer, computer security professional, privacy specialist, and writer. Schneier is an Adjunct Lecturer in Public Policy at the Harvard Kennedy School and a Fellow at the Berkman ...
states of NCSC-TG-021 that he "can't even begin to describe the color of hecover" and that some of the books in this series have "hideously colored covers." He then goes on to describe how to receive a copy of them, saying "Don't tell them I sent you."


Most significant Rainbow Series books


References

{{reflist


External links


Rainbow Series
from
Federation of American Scientists The Federation of American Scientists (FAS) is an American nonprofit global policy think tank with the stated intent of using science and scientific analysis to attempt to make the world more secure. FAS was founded in 1945 by a group of scient ...
, with more explanation
Rainbow Series
from Archive of Information Assurance Computer security standards