Rainbow Series
(Redirected from Crayola book (computing))
Template:Short description Script error: No such module "about". Script error: No such module "Unsubst".
The Rainbow Series (sometimes known as the Rainbow Books) is a series of computer security standards and guidelines published by the United States government in the 1980s and 1990s. They were originally published by the U.S. Department of Defense Computer Security Center, and then by the National Computer Security Center.
Objective
These standards describe a process of evaluation for trusted systems. In some cases, U.S. government entities (as well as private firms) would require formal validation of computer technology using this process as part of their procurement criteria. Many of these standards have influenced, and have been superseded by, the Common Criteria.
The books have nicknames based on the color of its cover. For example, the Trusted Computer System Evaluation Criteria was referred to as "The Orange Book."[1] In the book entitled Applied Cryptography, security expert Bruce Schneier states of NCSC-TG-021 that he "can't even begin to describe the color of [the] cover" and that some of the books in this series have "hideously colored covers." He then goes on to describe how to receive a copy of them, saying "Don't tell them I sent you."[2]
Most significant Rainbow Series books
| Document | Title | Date | Color | |
|---|---|---|---|---|
| 5200.28-STD | DoD Trusted Computer System Evaluation Criteria | Template:Dts | Orange | <templatestyles src="Legend/styles.css" /> |
| CSC-STD-002-85 | DoD Password Management Guideline | Template:Dts | Green | <templatestyles src="Legend/styles.css" /> |
| CSC-STD-003-85 | Guidance for Applying TCSEC in Specific Environments | Template:Dts | Light Yellow | <templatestyles src="Legend/styles.css" /> |
| CSC-STD-004-85 | Technical Rationale Behind CSC-STD-003-85: Computer Security Requirements | Template:Dts | Yellow | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-001 | A Guide to Understanding Audit in Trusted Systems | Template:Dts | Tan | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-002 | Trusted Product Security Evaluation Program | Template:Dts | Bright Blue | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-003 | Discretionary Access Control in Trusted Systems | Template:Dts | Neon Orange | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-004 | Glossary of Computer Security Terms | Template:Dts | Teal Green | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-005 | Trusted Network Interpretation | Template:Dts | Red | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-006 | Configuration Management in Trusted Systems | Template:Dts | Amber | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-007 | A Guide to Understanding Design Documentation in Trusted Systems | Template:Dts | Burgundy | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-008 | A Guide to Understanding Trusted Distribution in Trusted Systems | Template:Dts | Dark Lavender | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-009 | Computer Security Subsystem Interpretation of the TCSEC | Template:Dts | Venice Blue | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-010 | A Guide to Understanding Security Modeling in Trusted Systems | Template:Dts | Aqua | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-011 | Trusted Network Interpretation Environments Guideline (TNI) | Template:Dts | Red | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-012 | Trusted Database Management System Interpretation [3] | Template:Dts | <templatestyles src="Legend/styles.css" /> | |
| NCSC-TG-013 | RAMP Program Document | Template:Dts | Pink | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-013 V2 | RAMP Program Document version 2 | Template:Dts | Pink | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-014 | Guidelines for Formal Verification Systems | Template:Dts | Purple | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-015 | Guide to Understanding Trusted Facility Management | Template:Dts | Brown | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-016 | Guidelines for Writing Trusted Facility Manuals | Template:Dts | Yellow-Green | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-017 | Identification and Authentication in Trusted Systems | Template:Dts | Light Blue | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-018 | Object Reuse in Trusted Systems | Template:Dts | Light Blue | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-019 | Trusted Product Evaluation Questionnaire | Template:Dts | Blue | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-020 | Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control List Features for the UNIX System | Template:Dts | Silver | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-020-A | Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control List Features for the UNIX (R) System | Template:Dts | Grey Silver | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-021 | Trusted Database Management System Interpretation of the TCSEC (TDI) | Template:Dts | Purple | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-022 | Trusted Recovery in Trusted Systems | Template:Dts | Yellow | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-023 | Security Testing and Test Documentation in Trusted Systems | Template:Dts | Bright Orange | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-024 Vol. 1/4 | Procurement of Trusted Systems: An Introduction to Procurement Initiators on Computer Security Requirements | Template:Dts | Purple | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-024 Vol. 2/4 | Procurement of Trusted Systems: Language for RFP Specifications and Statements of Work | Template:Dts | Purple | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-024 Vol. 3/4 | Procurement of Trusted Systems: Computer Security Contract Data Requirements List and Data Item Description | Template:Dts | Purple | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-024 Vol. 4/4 | Procurement of Trusted Systems: How to Evaluate a Bidder's Proposal Document | Publication TBA | Purple | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-025 | Guide to Understanding Data Remanence in Automated Information Systems. | Template:Dts | Forest Green | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-026 | Writing the Security Features User's Guide for Trusted Systems | Template:Dts | Hot Peach | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-027 | Information System Security Officer Responsibilities for Automated Information Systems | Template:Dts | Turquoise | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-028 | Assessing Controlled Access Protection | Template:Dts | Violet | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-029 | Certification and Accreditation Concepts | Template:Dts | Blue | <templatestyles src="Legend/styles.css" /> |
| NCSC-TG-030 | Covert Channel Analysis of Trusted Systems | Template:Dts | Light Pink | <templatestyles src="Legend/styles.css" /> |
References
<templatestyles src="Reflist/styles.css" />
Script error: No such module "Check for unknown parameters".
External links
- Rainbow Series from Federation of American Scientists, with more explanation
- Rainbow Series from Archive of Information Assurance