Rainbow Series Library
from the NIST page (http://csrc.nist.gov/publications/):

The rainbow series is a library of about 37 documents that address specific areas of computer security. Each of the documents is a different color, which is how they became to be refereed to as the Rainbow Series. The primary document of the set is the Trusted Computer System Evaluation Criteria (5200.28-STD, Orange Book), dated December 26, 1985. This document defines the seven different levels of trust that a product can achieve under the Trusted Product Evaluation Program (TPEP) within NSA. Some of the titles include, Password Management, Audit, Discretionary Access Control, Trusted Network Interpretation, Configuration Management, Identification and Authentication, Object Reuse and Covert Channels. A new International criteria for system and product evaluation called the International Common Criteria (ICCC) has been developed for product evaluations. The TCSEC has been largely superceded by the International Common Criteria, but is still used for products that require a higher level of assurance in specific operational environments. Most of the rainbow series documents are available on-line.

Other NCSC Publications:

  • C1 Technical Report 001 - Technical Report, Computer Viruses: Prevention, Detection, and Treatment, 12 March 1990

  • C Technical Report 79-91 - Technical Report, Integrity in Automated Information Systems, September 1991.

  • C Technical Report 32-92 - The Design and Evaluation of INFOSEC systems: The Computer Security Contribution to the Composition Discussion, June 1992.

  • C Technical Report 111-91 - Integrity-Oriented Control Objectives: Proposed Revisions to the TCSEC, October 1991.

  • NCSC Technical Report 002 - Use of the TCSEC for Complex, Evolving, Mulitpolicy Systems

  • NCSC Technical Report 003 - Turning Multiple Evaluated Products Into Trusted Systems

  • NCSC Technical Report 004 - A Guide to Procurement of Single Connected Systems - Language for RFP Specifications and Statements of Work - An Aid to Procurement Initiators - Includes Complex, Evolving, and Multipolicy Systems

  • NCSC Technical Report 005 Volume 1/5 - Inference and Aggregation Issues In Secure Database Management Systems

  • NCSC Technical Report 005 Volume 2/5 - Entity and Referential Integrity Issues In Multilevel Secure Database Management

  • NCSC Technical Report 005 Volume 3/5 - Polyinstantiation Issues In Multilevel Secure Database Management Systems

  • NCSC Technical Report 005 Volume 4/5 - Auditing Issues In Secure Database Management Systems

  • NCSC Technical Report 005 Volume 5/5 - Discretionary Access Control Issues In High Assurance Secure Database Management Systems

    rain dance = R = random

    rainbow series n.

    Any of several series of technical manuals distinguished by cover color. The original rainbow series was the NCSC security manuals (see Orange Book, crayola books); the term has also been commonly applied to the PostScript reference set (see Red Book, Green Book, Blue Book, White Book). Which books are meant by "`the' rainbow series" unqualified is thus dependent on one's local technical culture.

    --The Jargon File version 4.3.1, ed. ESR, autonoded by rescdsk.

    Log in or register to write something here or to contact authors.