|
Trusted Computer System Evaluation Criteria
Trusted Computer System Evaluation Criteria (TCSEC) is a United States Government Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system. The TCSEC was used to evaluate, classify, and select computer systems being considered for the processing, storage, and retrieval of sensitive or classified information. The TCSEC, frequently referred to as the Orange Book, is the centerpiece of the DoD ''Rainbow Series'' publications. Initially issued in 1983 by the National Computer Security Center (NCSC), an arm of the National Security Agency, and then updated in 1985, TCSEC was eventually replaced by the Common Criteria international standard, originally published in 2005. Fundamental objectives and requirements On 24 October 2002, The Orange Book (aka DoDD 5200.28-STD) was canceled by DoDD 8500.1, which was later reissued as DoDI 8500.02, on 14 March 2014. Policy The security policy m ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Security Model
A computer is a machine that can be programmed to carry out sequences of arithmetic or logical operations (computation) automatically. Modern digital electronic computers can perform generic sets of operations known as programs. These programs enable computers to perform a wide range of tasks. A computer system is a nominally complete computer that includes the hardware, operating system (main software), and peripheral equipment needed and used for full operation. This term may also refer to a group of computers that are linked and function together, such as a computer network or computer cluster. A broad range of industrial and consumer products use computers as control systems. Simple special-purpose devices like microwave ovens and remote controls are included, as are factory devices like industrial robots and computer-aided design, as well as general-purpose devices like personal computers and mobile devices like smartphones. Computers power the Internet, which links bil ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Trusted Platform Module
Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a chip conforming to the standard. TPM is used for digital rights management (DRM), Windows Defender, Windows Domain logon, protection and enforcement of software licenses, and prevention of cheating in online games. One of Windows 11's system requirements is TPM 2.0. Microsoft has stated that this is to help increase security against firmware and ransomware attacks. History Trusted Platform Module (TPM) was conceived by a computer industry consortium called Trusted Computing Group (TCG). It evolved into ''TPM Main Specification Version 1.2'' which was standardized by International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) in 2009 as ISO/IEC 11889:2009. ''TPM Main Specification Version 1. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ITSEC
The Information Technology Security Evaluation Criteria (ITSEC) is a structured set of criteria for evaluating computer security within products and systems. The ITSEC was first published in May 1990 in France, Germany, the Netherlands, and the United Kingdom based on existing work in their respective countries. Following extensive international review, Version 1.2 was subsequently published in June 1991 by the Commission of the European Communities for operational use within evaluation and certification schemes. Since the launch of the ITSEC in 1990, a number of other European countries have agreed to recognize the validity of ITSEC evaluations. The ITSEC has been largely replaced by Common Criteria, which provides similarly-defined evaluation levels and implements the target of evaluation concept and the Security Target document. Concepts The product or system being evaluated, called the ''target of evaluation'', is subjected to a detailed examination of its security features cul ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Canadian Trusted Computer Product Evaluation Criteria
The Canadian Trusted Computer Product Evaluation Criteria (CTCPEC) is a computer security standard published in 1993 by the Communications Security Establishment to provide an evaluation criterion on IT products. It is a combination of the TCSEC (also called ''Orange Book'') and the European ITSEC approaches. CTCPEC led to the creation of the Common Criteria standard. The Canadian System Security Centre, part of the Communications Security Establishment The Communications Security Establishment (CSE; french: Centre de la sécurité des télécommunications, ''CST''), formerly (from 2008-2014) called the Communications Security Establishment Canada (CSEC), is the Government of Canada's national ... was founded in 1988 to establish a Canadian computer security standard. The Centre published a draft of the standard in April 1992. The final version was published in January 1993. References External links * Computer security standards {{Standard-stub ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
AR 25-2
AR, Ar, or A&R may refer to: Arts, entertainment, and media Music * Artists and repertoire Periodicals * ''Absolute Return + Alpha'', a hedge fund publication *''The Adelaide Review'', an Australian arts magazine * ''American Renaissance'' (magazine), a white nationalist magazine and website * ''Architectural Review'', a British architectural journal * ''Armeerundschau'', a magazine of the East German army Other media * Ar, city on the fictional planet Gor * ''a.r.'' group of Polish artists and poets, including Katarzyna Kobro * Alternate reality (other), various fictional concepts Business * Accounts receivable, abbreviated as AR or A/R * Acoustic Research, an American audio electronics manufacturer * Aerojet Rocketdyne, an American aerospace and defense manufacturer * Aerolíneas Argentinas (IATA airline code AR) * Some Alfa Romeo car models, e.g. AR51 * Toyota AR engine Language * ''Ar'', the Latin letter R when spelled out * Ar (cuneiform), a cuneiform combine ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
AR 380-19
AR, Ar, or A&R may refer to: Arts, entertainment, and media Music * Artists and repertoire Periodicals * ''Absolute Return + Alpha'', a hedge fund publication *''The Adelaide Review'', an Australian arts magazine * ''American Renaissance'' (magazine), a white nationalist magazine and website * ''Architectural Review'', a British architectural journal * '' Armeerundschau'', a magazine of the East German army Other media * Ar, city on the fictional planet Gor * ''a.r.'' group of Polish artists and poets, including Katarzyna Kobro * Alternate reality (other), various fictional concepts Business * Accounts receivable, abbreviated as AR or A/R * Acoustic Research, an American audio electronics manufacturer * Aerojet Rocketdyne, an American aerospace and defense manufacturer * Aerolíneas Argentinas (IATA airline code AR) * Some Alfa Romeo car models, e.g. AR51 * Toyota AR engine Language * ''Ar'', the Latin letter R when spelled out * Ar (cuneiform), a cuneiform combin ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
XTS-400
The XTS-400 is a multilevel secure computer operating system. It is multiuser and multitasking that uses multilevel scheduling in processing data and information. It works in networked environments and supports Gigabit Ethernet and both IPv4 and IPv6. The XTS-400 is a combination of Intel x86 hardware and the Secure Trusted Operating Program (STOP) operating system. XTS-400 was developed by BAE Systems, and originally released as version 6.0 in December 2003. STOP provides ''high-assurance'' security and was the first general-purpose operating system with a Common Criteria assurance level rating of EAL5 or above. The XTS-400 can host, and be trusted to separate, multiple, concurrent data sets, users, and networks at different sensitivity levels. The XTS-400 provides both an ''untrusted'' environment for normal work and a trusted environment for administrative work and for privileged applications. The untrusted environment is similar to traditional Unix environments. It prov ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Trusted Path
A trusted path or trusted channel is a mechanism that provides confidence that the user is communicating with what the user intended to communicate with, ensuring that attackers can't intercept or modify whatever information is being communicated. The term was initially introduced by Orange Book. As its security architecture concept, it can be implemented with any technical safeguards suitable for particular environment and risk profile. Examples Electronic signature In Common Criteria and European Union electronic signature standards ''trusted path'' and ''trusted channel'' describe techniques that prevent interception or tampering with sensitive data as it passes through various system components: * ''trusted path'' — protects data from the user and a security component (e.g. PIN sent to a smart card to unblock it for digital signature), * ''trusted channel'' — protects data between security component and other information resources (e.g. data read from a file and sent to ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Intrusion Detection
An intrusion detection system (IDS; also intrusion prevention system or IPS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms. IDS types range in scope from single computers to large networks. The most common classifications are network intrusion detection systems (NIDS) and host-based intrusion detection systems (HIDS). A system that monitors important operating system files is an example of an HIDS, while a system that analyzes incoming network traffic is an example of an NIDS. It is also possible to classify IDS by detection approach. The most well-known variants are signature-based detection (recogni ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Reference Monitor
In operating systems architecture a reference monitor concept defines a set of design requirements on a reference validation mechanism, which enforces an access control policy over subjects' (e.g., processes and users) ability to perform operations (e.g., read and write) on objects (e.g., files and sockets) on a system. The properties of a reference monitor are captured by the acronym NEAT, which means: * The reference validation mechanism must be ''Non-bypassable'', so that an attacker cannot bypass the mechanism and violate the security policy. * The reference validation mechanism must be ''Evaluable'', i.e., amenable to analysis and tests, the completeness of which can be assured (verifiable). Without this property, the mechanism might be flawed in such a way that the security policy is not enforced. * The reference validation mechanism must be ''Always invoked''. Without this property, it is possible for the mechanism to not perform when intended, allowing an attacker to violate ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
