Don't miss an insight. Subscribe to Techopedia for free.

Subscribe
Advertisements

Trusted Computer System Evaluation Criteria

What Does Trusted Computer System Evaluation Criteria Mean?

The Trusted Computer System Evaluation Criteria (TCSEC) book is a standard from the United States Department of Defense
that discusses rating security controls for a computer system. It is also
often referred to as the “orange book.” This standard was originally released
in 1983, and updated in 1985, before being replaced by a “Common Criteria”
standard in 2005.

Advertisements

Techopedia Explains Trusted Computer System Evaluation Criteria

The orange book standard includes four top-level categories of security – minimal security, discretionary protection, mandatory protection and verified protection. In this standard, security “begins at the lowest classes in an access control mechanism, and ends in the highest class with a mechanism that a clever and determined user cannot circumvent.”

The orange book also defines a “trusted system” and measures trusts in terms of security policies and assurance. TCSEC measures accountability according to independent verification, authentication and ordering. The TCSEC or “orange book” is part of a “rainbow series” of different manuals put out by U.S. federal government agencies, so named for their colorful printed covers.

Advertisements

Related Terms