Title: Department Of Defense Password Management Guideline
Authors: Department Of Defense
Abstract:
- This publication, "Department of Defense Password management
Guideline," is being issued by the DoD Computer Security Center
(DoDCSC) under the authority of and in accordance with DoD Directive
5215.1, "Computer Security Evaluation Center." The guidelines
described in this document provide a set of good practices elated to
the use of password-based user authentication mechanisms in automatic
data processing systems employed for processing classified and other
sensitive information. Point of contact concerning this publication is
the Office of Standards and Products, Attention: Chief, Computer
Security Standards.
Title: Department Of Defense Password Management Guideline
Authors: Dept. of Defense
Abstract:
- This publication, "Department of Defense Password management
Guideline," is being issued by the DoD Computer Security Center
(DoDCSC) under the authority of and in accordance with DoD
Directive 5215.1, "Computer Security Evaluation Center." The
guidelines described in this document provide a set of good
practices elated to the use of password-based user authentication
mechanisms in automatic data processing systems employed for
processing classified and other sensitive information. Point of
contact concerning this publication is the Office of Standards
and Products, Attention: Chief, Computer Security Standards.
Title: Department Of Defense Trusted Computer System Evaluation Criteria
Authors: Department Of Defense
Abstract:
- This publication, DoD 5200.28-STD, "Department of Defense Trusted
Computer System Evaluation Criteria," is issued under the authority of
an in accordance with DoD Directive 5200.28, "Security Requirements
for Automatic Data Processing (ADP) Systems," and in furtherance of
responsibilities assigned by DoD Directive 52l5.l, "Computer Security
Evaluation Center." Its purpose is to provide technical
hardware/firmware/software security criteria and associated technical
evaluation methodologies in support of the overall ADP system security
policy, evaluation and approval/accreditation responsibilities
promulgated by DoD Directive 5200.28.
Title: Department of Defense Trusted Computer System Evaluation Criteria
Authors: Department of Defense
Abstract:
- This publication, DoD 5200.28-STD, "Department of Defense Trusted
Computer System Evaluation Criteria," is issued under the authority of
an in accordance with DoD Directive 5200.28, "Security Requirements
for Automatic Data Processing (ADP) Systems," and in furtherance of
responsibilities assigned by DoD Directive 52l5.l, "Computer Security
Evaluation Center." Its purpose is to provide technical
hardware/firmware/software security criteria and associated technical
evaluation methodologies in support of the overall ADP system security
policy, evaluation and approval/accreditation responsibilities
promulgated by DoD Directive 5200.28.
Title: Department of Defense Trusted Computer System Evaluation Criteria
Authors: Department of Defense
Abstract:
- This publication, "Department of Defense Trusted Computer System
Evaluation Criteria," is being issued by the DoD Computer Security
Center under the authority of and in accordance with DoD Directive
5215.1, "Computer Security Evaluation Center." The criteria defined in
this document constitute a uniform set of basic requirements and
evaluation classes for assessing the effectiveness of security
controls built into Automatic Data Processing (ADP) systems. These
criteria are intended for use in the evaluation and selection of ADP
systems being considered for the processing and/or storage and
retrieval of sensitive or classified information by the Department of
Defense. Point of contact concerning this publication is the Office
of Standards and Products, Attention: Chief, Computer Security
Standards.
Title: Foundations For The Harmonization of Information Technology Security Standards
Authors: Unknown
Abstract:
- This paper is the first work product of Joint Task 1 (JT01) defined in
the Joint Workplan for cooperation on Security of Information System
[1]. This paper also provides a base for common understanding of
critical terms and concepts. In addition, this paper looks at the
terms and concepts used in the development of International Standards
Organization(ISO) standards for Open System
Interconnection(OSI)
Title: Green book on the Security of Information Systems v3.6
Authors: European Commission
Abstract:
- European Strategic policy on Security for Information Systems.
The "Green Book" represents an intermediate step towards the formulation
of the Action Plan foreseen in the Council Decision. It is to state the
main issues related to the security of information systems in its context.
A deliberate effort has been made to present the subject matter in as
objective a fashion as possible. By progressively widening the consultation
in the preparation of the document the wish is, to obtain a representative
and balanced view of the issues and the nature and implications of
the options for action one may wish to consider.
Title: Information Technology Security Evaluation Criteria ( ITSEC )
Authors: Department of Trade and Industry
Abstract:
- Following extensive international review version 1.2 of the ITSEC is
issued, with the approval of the (informal) EC advisory group, SOG-IS
(Senior Officials Group - Information Systems Security), for
operational use within evaluation and certification schemes, for a
provisional period of two years from the date of issue. The practical
experience acquired will be used to review and further develop the
ITSEC at the end of this period. In addition, considerations arising
from further international harmonization will also be taken into
account.
Title: Relating Functionality Class And Security Sub-Profile Specifications
Authors: Unknown
Abstract:
- This Document describes methods for relating security functionality
classes being proposed by various security evaluation criteria
standardization efforts and security sub-profile specifications
stemming from profiling of Open System standards.
|