[ Search ] [ What's New? ] [ About ]
[ Bugs ] [ Misc ] [ Mailing Lists ] [ Newgroups ] [ NewsWire ] [ Papers ] [ People ]
[ Pictures ] [ Publications ] [ Responce Teams ] [ Tools ] [ Upcoming Events ] [ Web Sites ]

Standards

Title: Department Of Defense Password Management Guideline
Authors: Department Of Defense
Abstract:
This publication, "Department of Defense Password management Guideline," is being issued by the DoD Computer Security Center (DoDCSC) under the authority of and in accordance with DoD Directive 5215.1, "Computer Security Evaluation Center." The guidelines described in this document provide a set of good practices elated to the use of password-based user authentication mechanisms in automatic data processing systems employed for processing classified and other sensitive information. Point of contact concerning this publication is the Office of Standards and Products, Attention: Chief, Computer Security Standards.

Title: Department Of Defense Password Management Guideline
Authors: Dept. of Defense
Abstract:
This publication, "Department of Defense Password management Guideline," is being issued by the DoD Computer Security Center (DoDCSC) under the authority of and in accordance with DoD Directive 5215.1, "Computer Security Evaluation Center." The guidelines described in this document provide a set of good practices elated to the use of password-based user authentication mechanisms in automatic data processing systems employed for processing classified and other sensitive information. Point of contact concerning this publication is the Office of Standards and Products, Attention: Chief, Computer Security Standards.

Title: Department Of Defense Trusted Computer System Evaluation Criteria
Authors: Department Of Defense
Abstract:
This publication, DoD 5200.28-STD, "Department of Defense Trusted Computer System Evaluation Criteria," is issued under the authority of an in accordance with DoD Directive 5200.28, "Security Requirements for Automatic Data Processing (ADP) Systems," and in furtherance of responsibilities assigned by DoD Directive 52l5.l, "Computer Security Evaluation Center." Its purpose is to provide technical hardware/firmware/software security criteria and associated technical evaluation methodologies in support of the overall ADP system security policy, evaluation and approval/accreditation responsibilities promulgated by DoD Directive 5200.28.

Title: Department of Defense Trusted Computer System Evaluation Criteria
Authors: Department of Defense
Abstract:
This publication, DoD 5200.28-STD, "Department of Defense Trusted Computer System Evaluation Criteria," is issued under the authority of an in accordance with DoD Directive 5200.28, "Security Requirements for Automatic Data Processing (ADP) Systems," and in furtherance of responsibilities assigned by DoD Directive 52l5.l, "Computer Security Evaluation Center." Its purpose is to provide technical hardware/firmware/software security criteria and associated technical evaluation methodologies in support of the overall ADP system security policy, evaluation and approval/accreditation responsibilities promulgated by DoD Directive 5200.28.

Title: Department of Defense Trusted Computer System Evaluation Criteria
Authors: Department of Defense
Abstract:
This publication, "Department of Defense Trusted Computer System Evaluation Criteria," is being issued by the DoD Computer Security Center under the authority of and in accordance with DoD Directive 5215.1, "Computer Security Evaluation Center." The criteria defined in this document constitute a uniform set of basic requirements and evaluation classes for assessing the effectiveness of security controls built into Automatic Data Processing (ADP) systems. These criteria are intended for use in the evaluation and selection of ADP systems being considered for the processing and/or storage and retrieval of sensitive or classified information by the Department of Defense. Point of contact concerning this publication is the Office of Standards and Products, Attention: Chief, Computer Security Standards.

Title: Foundations For The Harmonization of Information Technology Security Standards
Authors: Unknown
Abstract:
This paper is the first work product of Joint Task 1 (JT01) defined in the Joint Workplan for cooperation on Security of Information System [1]. This paper also provides a base for common understanding of critical terms and concepts. In addition, this paper looks at the terms and concepts used in the development of International Standards Organization(ISO) standards for Open System Interconnection(OSI)

Title: Green book on the Security of Information Systems v3.6
Authors: European Commission
Abstract:
European Strategic policy on Security for Information Systems. The "Green Book" represents an intermediate step towards the formulation of the Action Plan foreseen in the Council Decision. It is to state the main issues related to the security of information systems in its context. A deliberate effort has been made to present the subject matter in as objective a fashion as possible. By progressively widening the consultation in the preparation of the document the wish is, to obtain a representative and balanced view of the issues and the nature and implications of the options for action one may wish to consider.

Title: Information Technology Security Evaluation Criteria ( ITSEC )
Authors: Department of Trade and Industry
Abstract:
Following extensive international review version 1.2 of the ITSEC is issued, with the approval of the (informal) EC advisory group, SOG-IS (Senior Officials Group - Information Systems Security), for operational use within evaluation and certification schemes, for a provisional period of two years from the date of issue. The practical experience acquired will be used to review and further develop the ITSEC at the end of this period. In addition, considerations arising from further international harmonization will also be taken into account.

Title: Relating Functionality Class And Security Sub-Profile Specifications
Authors: Unknown
Abstract:
This Document describes methods for relating security functionality classes being proposed by various security evaluation criteria standardization efforts and security sub-profile specifications stemming from profiling of Open System standards.


Aleph One / aleph1@underground.org
Copyright © 1996 Computer Underground Society. All rights reserved.