Trusted Computer System Evaluation Criteria (TCSEC)
Definition - What does Trusted Computer System Evaluation Criteria (TCSEC) mean?
The Trusted Computer System Evaluation Criteria (TCSEC) book is a standard from the United States Department of Defense that discusses rating security controls for a computer system. It is also often referred to as the “orange book.” This standard was originally released in 1983, and updated in 1985, before being replaced by a “Common Criteria” standard in 2005.
Techopedia explains Trusted Computer System Evaluation Criteria (TCSEC)
The orange book standard includes four top-level categories of security – minimal security, discretionary protection, mandatory protection and verified protection. In this standard, security “begins at the lowest classes in an access control mechanism, and ends in the highest class with a mechanism that a clever and determined user cannot circumvent.”
The orange book also defines a “trusted system” and measures trusts in terms of security policies and assurance. TCSEC measures accountability according to independent verification, authentication and ordering. The TCSEC or “orange book” is part of a “rainbow series” of different manuals put out by U.S. federal government agencies, so named for their colorful printed covers.
- DOD Information Technology Security Certification and Accreditation Process (DITSCAP)
- Department of Defense Architecture Framework (DoDAF)
- Federal Risk and Authorization Program (FedRAMP)
- Manual Page (Man Page)
- DOD Information Assurance Certification and Accreditation Process (DIACAP)
- DoD Directive 8570 (DoDD 8570)
- Information Assurance (IA)
- Security Architecture
- Security Policy
Join thousands of others with our weekly newsletter
The 4th Era of IT Infrastructure: Superconverged Systems:
Approaches and Benefits of Network Virtualization:
Free E-Book: Public Cloud Guide:
Free Tool: Virtual Health Monitor:
Free 30 Day Trial – Turbonomic: