Trusted Computer System Evaluation Criteria

What Does Trusted Computer System Evaluation Criteria Mean?

The Trusted Computer System Evaluation Criteria (TCSEC) book is a standard from the United States Department of Defense
that discusses rating security controls for a computer system. It is also
often referred to as the “orange book.” This standard was originally released
in 1983, and updated in 1985, before being replaced by a “Common Criteria”
standard in 2005.

Advertisements

Techopedia Explains Trusted Computer System Evaluation Criteria

The orange book standard includes four top-level categories of security – minimal security, discretionary protection, mandatory protection and verified protection. In this standard, security “begins at the lowest classes in an access control mechanism, and ends in the highest class with a mechanism that a clever and determined user cannot circumvent.”

The orange book also defines a “trusted system” and measures trusts in terms of security policies and assurance. TCSEC measures accountability according to independent verification, authentication and ordering. The TCSEC or “orange book” is part of a “rainbow series” of different manuals put out by U.S. federal government agencies, so named for their colorful printed covers.

Advertisements

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…

All Posts by Margaret Rouse

Most Popular Term

Tech 101

Doomscrolling (Doomsurfing)

What is Doomscrolling? Doomscrolling or doomsurfing is the term used to describe social media users habitually scrolling through their newsfeeds...

Full Explanation

Tim KearyTechnology Expert

Advertisements

Cryptocurrency

Centralized Finance (CeFi)

What is Centralized Finance (CeFi)? Centralized finance (CeFi) is defined as a financial ecosystem where centralized authorities control financial assets...

Full Explanation

Nicole WillingTechnology Writer

Cryptocurrency

Selfish Mining Attack (Bitcoin)

What is a Selfish Mining Attack? In Bitcoin, a selfish mining attack is a sophisticated maneuver by which crypto miners...

Full Explanation

Sam CoolingCrypto & Blockchain Writer

Related News

dummy_img

The Future of Ethereum: Vitalik Buterin Looks to Enshrinement

Mensholong Lepcha7 years

dummy_img

6 Real-World Edge Computing Use Cases

Linda Rosencrance7 years

dummy_img

Artificial Intelligence

What ChatGPT with Web Capabilities Can Do For Your Business

Neil C. Hughes7 yearsSenior Tech Writer

dummy_img

What It Takes to Be a Blockchain City

Ruholamin Haqshanas7 yearsCryptocurrency Journalist

dummy_img

Artificial Intelligence

AI Translation Could Help Crack the Secrets of Chicken Language

Kaushik Pal7 yearsTechnology Writer

dummy_img

Featured Content

Future Trends in Container Security: What Every IT Professional Should Know

Alan Draper7 yearsEditor-in-Chief

Popular Categories
Show All

Artificial Intelligence

Password Managers

Project Management