Term of the Moment

ERM


Look Up Another Term


Definition: Rainbow Series


The Rainbow Series was a collection of freely distributed documents summarizing recommendations of agencies of the U.S. government. They were published in the 1980s and 1990s by the National Computer Security Center (see NCSC).

The 1983 DoD Trusted Computer System Evaluation Criteria (TCSEC) became known as the original "Orange Book" because of its cover color. Several colors were reused over the years, and a few books changed colors in different printings. Most of the following documents are available from the Federation of American Scientists. See NCSC security levels.

DOD Documents
Following are documents from the Department of Defense:

1 - Orange Book (CSC-STD-001-83)
DOD Trusted Computer System Evaluation Criteria (TCSEC) [DOD 5200.28]

2 - Green Book (CSC-STD-002-85)
DOD Password Management Guidelines

3 - Light Yellow Book (CSC-STD-003-85)
Guidance for Applying the DOD Trusted Computer System Evaluation Criteria in Specific Environments

4 - Yellow Book II (CSC-STD-004-85)
Technical Rationale Behind CSC-STD-003-85: Computer Security Requirements

5 - (CSC-STD-005-85)
DoD Magnetic Remanence Security Guideline

NCSC Documents
Following are documents from the National Computer Security Center

6 - Light Pink Book (NCSC-TG-030)
A Guide to Understanding Covert Channel Analysis of Trusted Systems (11/93)

7 - Aqua Book (NCSC-TG-004)
Glossary of Computer Security Terms

8 - Blue Book (NCSC-TG-029)
Introduction to Certification and Accreditation (09/94)

9 - Blue Book (NCSC-TG-019)
Trusted Product Evaluation Questionnaire

10 - Bright Blue Book (NCSC-TG-002)
Trusted Product Evaluation - A Guide for Vendors

11 - Brown Book (NCSC-TG-015)
A Guide to Understanding Trusted Facility Management

12 - Burgundy Book (NCSC-TG-007)
A Guide to Understanding Design Documentation in Trusted Systems

13 - Forest Green Book (NCSC-TG-025)
A Guide to Understanding Data Remanence in Automated Information Systems (Ver.2 09/91)

14 - Grey/Silver Book (NCSC-TG-020A)
Trusted UNIX Working Group (TRUSIX) Rationale for Selecting Access Control List Features for the UNIX System

15 - Hot Peach Book (NCSC-TG-026)
A Guide to Writing the Security Features User's Guide for Trusted Systems

16 - Lavender (NCSC-TG-008)
A Guide to Understanding Trusted Distribution in Trusted Systems

17 - Lavender/Purple Book (NCSC-TG-021)
Trusted Database Management System Interpretation

18 - Light Blue Book (NCSC-TG-017)
A Guide to Understanding Identification and Authentication in Trusted Systems

19 - Light Blue Book (NCSC-TG-018)
A Guide to Understanding Object Reuse in Trusted Systems

20 - Orange Book (NCSC-TG-006)
A Guide to Understanding Configuration Management in Trusted Systems

21 - Orange Book (NCSC-TG-003)
A Guide to Understanding Discretionary Access Control in Trusted Systems

22 - Pink Book (NCSC-TG-013)
Rating Maintenance Phase Program Document

23 - Purple Book (NCSC-TG-014)
Guidelines for Formal Verification Systems

24 - Red Book (NCSC-TG-005)
Trusted Network Interpretation. See NCSC security levels.

25 - Red Book (NCSC-TG-011)
Trusted Network Interpretation Environments Guideline - Guidance for Applying the Trusted Network Interpretation. See NCSC security levels.

26 - Tan Book (NCSC-TG-001)
A Guide to Understanding Audit in Trusted Systems

27 - Teal Book (NCSC-TG-010)
A Guide to Understanding Security Modeling in Trusted Systems

28 - Turquoise Book (NCSC-TG-027)
A Guide to Understanding Information System Security Officer Responsibilities for Automated Information Systems

29 - Venice Blue Book (NCSC-TG-009)
Computer Security Subsystem Interpretation of the Trusted Computer System Evaluation Criteria

30 - Violet Book (NCSC-TG-028)
Assessing Controlled Access Protection

31 - Yellow Book (NCSC-TG-022)
A Guide to Understanding Trusted Recovery

32 - Yellow-Green Book (NCSC-TG-016)
Writing Trusted Facility Manuals