home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Forum of Incident Response & Security Teams
/
Forum_of_Incident_Response_and_Security_Teams_FIRST_October_1994.iso
/
ethics
/
otherinf.txt
< prev
next >
Wrap
Text File
|
1994-07-08
|
3KB
|
80 lines
If you have additions to this file, plase mail
To: "'David D. Grisham'" <DAVE@UNMB> BITNET
or dave@ariel.unm.edu Internet
A new draft ECMA standard for Security in Open and Distributed systems
is available for FTP. This draft standard addresses the problems of
security standardisation in applications intended for OSI or ODP
environments. Comments are requested on this draft for inclusion in
the final version.
Comments: To: tcp-ip@sri-nic.arpa, security@pyrite.rutgers.edu
Please forward this message to any other groups or individuals who
may be interested in this work.
The text may be obtained by anonymous FTP from rcole.hpl.hp.com
(15.255.61.89) which is in the UK, or from allspice.lcs.mit.edu in the
directory ~/pub/ecma-desd, as a tar file containing print files for
the individual chapters. Two print file formats are offered:
desdps - contains the PostScript version
desdlj - contains print files for the HP-Laserjet+ (or better).
Compressed versions are also available to ease the transfer problem.
So the file choices (and sizes) are:
5253120 Apr 5 13:50 desdlj.tar
1816056 Apr 5 15:34 desdlj.tar.Z
1505280 Apr 5 11:00 desdps.tar
569425 Apr 5 11:12 desdps.tar.Z
Note that the document contains pictures as well as text so it is not
possible to send the text directly by e-mail.
Please note that the document was designed for, and will evenatually be
published on, A4 paper. If you must print it on AQ size then you may
lose the page numbers.
Robert
-----------------
Subject: Re: orange book
To: security@rutgers.edu
The "Orange Book", also known as the Department of Defense Trusted Computer
System Evaluation Criteria, is DoD Standard DOD 5200.28-STD. You should be
able to get it via this number through the US Goverment Printing Office.
As for the other "rainbow" books... the ones I have sitting on my desk are:
Colour Number Title
Lt. Green CSC-STD-002-85 Department of Defense Password Management
Guideline
Yellow CSC-STD-003-85 Computer Security Requirements
Yellow CSC-STD-004-85 Technical Rationale Behind CSC-STD-003-85:
Computer Security Requirements
Tan NCSC-TG-001 v.2 A Guide to Understanding AUDIT in Trusted
Systems
Red-Orange NCSC-TG-003 v.1 A Guide to Understanding DISCRETIONARY ACCESS
CONTROL in Trusted Systems
Red NCSC-TG-005 v.1 Trusted Network Interpretation of the Trusted
Computer System Evaluation Criteria
Peach NCSC-TG-006 v.1 A Guide to Understanding CONFIGURATION
MANAGEMENT in Trusted Systems
Dark Red NCSC-TG-007 v.1 A Guide to Understanding DESIGN DOCUMENTATION
in Trusted Systems
Grey NCSC-TG-009 v.1 Computer Security Subsystem Interpretation of
the Trusted Computer System Evaluation
Criteria
(if there are ones I am missing, I would like to know)
In terms of ordering, I would check with the US Govt Printing Office, or
directly with the NCSC. Their address is NCSC, 9800 Savage Road, Fort George
G. Meade, MD 20755-6000.
Daniel
--
Work :The Aerospace Corp M8/055 * POB 92957 * LA, CA 90009-2957 * 213/336-3149
Home :8333 Columbus Avenue #17 * Sepulveda CA 91343 * 818/892-8555
Email:faigin@aerospace.aero.org (or) Faigin@dockmaster.ncsc.mil
Voicemail: 213/336-5454 Box#3149 * "Take what you like, and leave the rest"