NSA/NCSC Rainbow Series (.pdf) |
Name | Description |
| DoD Trusted Computer System Evaluation Criteria [Version 1 - 26 December 1985] |
| DoD Password Management Guideline [Version 1 - 12 April 1985] |
| Computer Security Requirements -- Guidance for Applying the DoD TCSEC in Specific Environments [Version 1 - 25 June 1985] |
| Technical Rational Behind CSC-STD-003-85: Computer Security Requirements -- Guidance for Applying the DoD TCSEC in Specific Environments [Version 1 - 25 June 1985] |
| Advisory Memorandum on Office Automation Security Guidelines |
| A Guide to Understanding Audit in Trusted Systems [Version 2 6/01/88] |
| Trusted Product Evaluation - A Guide for Vendors [Version 1 6/22/90] |
| A Guide to Understanding Discretionary Access Control in Trusted
Systems [Version 1, 9/30/87] |
| Glossary of Computer Security Terms [Version 1, 10/21/88] |
| Trusted Network Interpretation [Version 1 7/31/87] |
| A Guide to Understanding Configuration management in Trusted
Systems [Version 1 - 28 Mar 1988] |
| A Guide to Understanding Design Documentation in Trusted Systems
[Version 1 - 6 Oktober 1988] |
| A Guide to Understanding Trusted Distribution in Trusted Systems
[Version 1 - 15 December 1988] |
| Computer Security Subsystem Interpretation of the Trusted Computer
System Evaluation Criteria [Version 1 - 16 September 1988] |
| A Guide to Understanding Security Modeling in Trusted Systems [Version 1 - October 1992] |
| Trusted Network Interpretation Environments Guideline - Guidance for Applying the TNI [Version 1 - 1 August 1990] |
| Rating Maintenance Phase Program Document [Version 2 - 01 Mars 1995] |
| Guidelines for Formal Verification Systems [Version - 1 April 1989] |
| A Guide to Understanding Trusted Facility Management [Version 1 - 18 October 1989] |
| Guidelines for Writing Trusted Facility Manuals [Version 1 - October 1992] |
| A Guide to Understanding Identification and Authentication in Trusted Systems
[Version 1 - September 1991] |
| A Guide to Understanding Object Reuse in Trusted Systems [Version 1 - July 1992] |
| Trusted Product Evaluation Questionnaire [Version 2 - 2 May 1992] |
| Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control List Features for the UNIX� System [Version 1 - 7 July 1989] |
| Trusted Database Management System Interpretation [Version 1 - April 1991] |
| A Guide to Understanding Trusted Recovery [Version 1 - 30 December 1991] |
| A Guide to Understanding Security Testing and Test Documentation in Trusted Systems |
| A Guide to Procurement of Trusted Systems: An Introduction to Procurement Initiators on Computer Security Requirements [Version 1 - December 1992] |
| A Guide to Procurement of Trusted Systems: Language for RFP Specifications and Statements of Work - An Aid to Procurement Initiators [Version 1 - 30 June 1993] |
| A Guide to Procurement of Trusted Systems: Computer Security Contract Data Requirements List and Data Item Description Tutorial [Version 1 - 28 February 1994] |
| A Guide to Procurement of Trusted Systems: How to Evaluate a Bidder's Proposal Document - An Aid to Procurement Initiators and Contractors |
| A Guide to Understanding Data Remanence in Automated Information Systems
[Version 2 - September 1991] |
| A Guide to Writing the Security Features User's Guide for Trusted Systems
[Version 1 - September 1991] |
| A Guide to Understanding Information System Security Officer
Responsibilities for Automated Information Systems [Version 1 - May 1992] |
| Assessing Controlled Access Protection [Version 1 - 25 May 1992] |
| Introduction to Certification and Accreditation [Version 1 - January 1994] |
| A Guide to Understanding Covert Channel Analysis of Trusted Systems
[Version 1 - November 1993] |
| A zip file containing all of the above books (4.14 MB) |
Other NCSC Publications (.pdf) |
Name | Description |
| Technical Report, Computer Viruses: Prevention, Detection, and Treatment [12 March 1990] |
| Technical Report, Integrity in Automated Information Systems [September 1991] |
| The Design and Evaluation of INFOSEC systems: The Computer Security Contribution to the Composition Discussion [June 1992] |
| Integrity-Oriented Control Objectives: Proposed Revisions to the TCSEC [October 1991] |
| Use of the TCSEC for Complex, Evolving, Mulitpolicy Systems |
| Turning Multiple Evaluated Products Into Trusted Systems |
| A Guide to Procurement of Single Connected Systems - Language for RFP Specifications and Statements of Work - An Aid to Procurement Initiators - Includes Complex, Evolving, and Multipolicy Systems |
| Inference and Aggregation Issues In Secure Database Management Systems |
| Entity and Referential Integrity Issues In Multilevel Secure Database Management |
| Polyinstantiation Issues In Multilevel Secure Database Management Systems |
| Auditing Issues In Secure Database Management Systems |
| Discretionary Access Control Issues In High Assurance Secure Database Management Systems |
| A zip file containing all of the above books (1.92 MB) |
