Rainbow Series
Template:Short description Script error: No such module "about". Script error: No such module "Unsubst".
The Rainbow Series (sometimes known as the Rainbow Books) is a series of computer security standards and guidelines published by the United States government in the 1980s and 1990s. They were originally published by the U.S. Department of Defense Computer Security Center, and then by the National Computer Security Center.
Objective
These standards describe a process of evaluation for trusted systems. In some cases, U.S. government entities (as well as private firms) would require formal validation of computer technology using this process as part of their procurement criteria. Many of these standards have influenced, and have been superseded by, the Common Criteria.
The books have nicknames based on the color of its cover. For example, the Trusted Computer System Evaluation Criteria was referred to as "The Orange Book."[1] In the book entitled Applied Cryptography, security expert Bruce Schneier states of NCSC-TG-021 that he "can't even begin to describe the color of [the] cover" and that some of the books in this series have "hideously colored covers." He then goes on to describe how to receive a copy of them, saying "Don't tell them I sent you."[2]
Most significant Rainbow Series books
| Document | Title | Date | Color | |
|---|---|---|---|---|
| 5200.28-STD | DoD Trusted Computer System Evaluation Criteria | Template:Dts | Orange | Template:Color box |
| CSC-STD-002-85 | DoD Password Management Guideline | Template:Dts | Green | Template:Color box |
| CSC-STD-003-85 | Guidance for Applying TCSEC in Specific Environments | Template:Dts | Light Yellow | Template:Color box |
| CSC-STD-004-85 | Technical Rationale Behind CSC-STD-003-85: Computer Security Requirements | Template:Dts | Yellow | Template:Color box |
| NCSC-TG-001 | A Guide to Understanding Audit in Trusted Systems | Template:Dts | Tan | Template:Color box |
| NCSC-TG-002 | Trusted Product Security Evaluation Program | Template:Dts | Bright Blue | Template:Color box |
| NCSC-TG-003 | Discretionary Access Control in Trusted Systems | Template:Dts | Neon Orange | Template:Color box |
| NCSC-TG-004 | Glossary of Computer Security Terms | Template:Dts | Teal Green | Template:Color box |
| NCSC-TG-005 | Trusted Network Interpretation | Template:Dts | Red | Template:Color box |
| NCSC-TG-006 | Configuration Management in Trusted Systems | Template:Dts | Amber | Template:Color box |
| NCSC-TG-007 | A Guide to Understanding Design Documentation in Trusted Systems | Template:Dts | Burgundy | Template:Color box |
| NCSC-TG-008 | A Guide to Understanding Trusted Distribution in Trusted Systems | Template:Dts | Dark Lavender | Template:Color box |
| NCSC-TG-009 | Computer Security Subsystem Interpretation of the TCSEC | Template:Dts | Venice Blue | Template:Color box |
| NCSC-TG-010 | A Guide to Understanding Security Modeling in Trusted Systems | Template:Dts | Aqua | Template:Color box |
| NCSC-TG-011 | Trusted Network Interpretation Environments Guideline (TNI) | Template:Dts | Red | Template:Color box |
| NCSC-TG-012 | Trusted Database Management System Interpretation [3] | Template:Dts | Template:Color box | |
| NCSC-TG-013 | RAMP Program Document | Template:Dts | Pink | Template:Color box |
| NCSC-TG-013 V2 | RAMP Program Document version 2 | Template:Dts | Pink | Template:Color box |
| NCSC-TG-014 | Guidelines for Formal Verification Systems | Template:Dts | Purple | Template:Color box |
| NCSC-TG-015 | Guide to Understanding Trusted Facility Management | Template:Dts | Brown | Template:Color box |
| NCSC-TG-016 | Guidelines for Writing Trusted Facility Manuals | Template:Dts | Yellow-Green | Template:Color box |
| NCSC-TG-017 | Identification and Authentication in Trusted Systems | Template:Dts | Light Blue | Template:Color box |
| NCSC-TG-018 | Object Reuse in Trusted Systems | Template:Dts | Light Blue | Template:Color box |
| NCSC-TG-019 | Trusted Product Evaluation Questionnaire | Template:Dts | Blue | Template:Color box |
| NCSC-TG-020 | Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control List Features for the UNIX System | Template:Dts | Silver | Template:Color box |
| NCSC-TG-020-A | Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control List Features for the UNIX (R) System | Template:Dts | Grey Silver | Template:Color box |
| NCSC-TG-021 | Trusted Database Management System Interpretation of the TCSEC (TDI) | Template:Dts | Purple | Template:Color box |
| NCSC-TG-022 | Trusted Recovery in Trusted Systems | Template:Dts | Yellow | Template:Color box |
| NCSC-TG-023 | Security Testing and Test Documentation in Trusted Systems | Template:Dts | Bright Orange | Template:Color box |
| NCSC-TG-024 Vol. 1/4 | Procurement of Trusted Systems: An Introduction to Procurement Initiators on Computer Security Requirements | Template:Dts | Purple | Template:Color box |
| NCSC-TG-024 Vol. 2/4 | Procurement of Trusted Systems: Language for RFP Specifications and Statements of Work | Template:Dts | Purple | Template:Color box |
| NCSC-TG-024 Vol. 3/4 | Procurement of Trusted Systems: Computer Security Contract Data Requirements List and Data Item Description | Template:Dts | Purple | Template:Color box |
| NCSC-TG-024 Vol. 4/4 | Procurement of Trusted Systems: How to Evaluate a Bidder's Proposal Document | Publication TBA | Purple | Template:Color box |
| NCSC-TG-025 | Guide to Understanding Data Remanence in Automated Information Systems. | Template:Dts | Forest Green | Template:Color box |
| NCSC-TG-026 | Writing the Security Features User's Guide for Trusted Systems | Template:Dts | Hot Peach | Template:Color box |
| NCSC-TG-027 | Information System Security Officer Responsibilities for Automated Information Systems | Template:Dts | Turquoise | Template:Color box |
| NCSC-TG-028 | Assessing Controlled Access Protection | Template:Dts | Violet | Template:Color box |
| NCSC-TG-029 | Certification and Accreditation Concepts | Template:Dts | Blue | Template:Color box |
| NCSC-TG-030 | Covert Channel Analysis of Trusted Systems | Template:Dts | Light Pink | Template:Color box |
References
External links
- Rainbow Series from Federation of American Scientists, with more explanation
- Rainbow Series from Archive of Information Assurance