Title: A Guide To Understanding Configuration Management In Trusted Systems
Authors: National Computer Security Center
Abstract:
- The guidelines described in this document provide set of good
practices related to configuration management in Automated Data
Processing (ADP) systems employed for processing classified and other
sensitive information.
Title: A Guide To Understanding Discretionary Access Control In Trusted Systems
Authors: NATIONAL COMPUTER SECURITY CENTER
Abstract:
- The guidelines defined in this document are intended to be used by
computer hardware and software designers who are building systems with
the intent of meeting the requirements of the Department of Defense
Trusted Computer System Evaluation Criteria, DoD 5200.28-STD.
Title: A Guide to Understanding Trusted Distribution in Trusted Systems
Authors: NATIONAL COMPUTER SECURITY CENTER
Abstract:
- The specific guidelines in this document provide a set of good
practices related to trusted distribution of the hardware, software,
and firmware portions, both originals and updates, of automated data
processing systems employed for processing classified and other
sensitive information. This technical guideline has been written to
help the vendor and evaluator community understand what trusted
distribution is, why it is important, and how an effective trusted
distribution system may be implemented to meet the requirements of the
Trusted Computer Systems Evaluation Criteria.
Title: Guide to Understanding Audit in Trusted Systems
Authors: National Computer Security Center
Abstract:
- The guidelines described in this document provide a set of good
practices related to the use of auditing in automatic data processing
systems employed for processing classified and other sensitive
information.
Title: Guide To Understanding Trusted Facility Management
Authors: NATIONAL COMPUTER SECURITY CENTER
Abstract:
- "A Guide to Understanding Trusted Facility Management" is the latest
in the series of technical guidelines that are being published by the
National Computer Security Center. This technical guideline has been
written to help the computer security manufacturers, system
evaluators, accreditors, as well as end users understand what
procedures, methods, and processes are required for trusted facility
management at B2 through A1 classes of the TCSEC.
Title: Guidelines For Formal Verification Systems
Authors: NATIONAL COMPUTER SECURITY CENTER
Abstract:
- The guidelines defined in this document are intended for vendors
building formal specification and verification systems that trusted
system developers may use in satisfying the requirements of the
Department of Defense Trusted Computer System Evaluation Criteria
(TCSEC), DoD 5200.28-STD, and the Trusted Network Interpretation of
the TCSEC.
Title: The Trusted Product Evaluation Questionnaire
Authors: NATIONAL COMPUTER SECURITY CENTER
Abstract:
- The Trusted Product Evaluation Questionnaire is the latest in a series
of technical documents that are being published by the National
Computer Security Center under the Technical Guidelines Programs. It
is the goal of the Technical Guidelines Program to assure that each
process in the Trusted Product Evaluation Program and the features of
the Department of Defense Trusted Computer Systems Evaluation Criteria
will be discussed in detail and provide the proper interpretations
with specific guidance.
Title: Trusted network interpretation
Authors: NATIONAL COMPUTER SECURITY CENTER
Abstract:
- This document will be used for a period of at least one year after
date of signature. During this period the NCSC will gain experience
using the Trusted Network Interpretation in several network
evaluations. In addition, the NCSC will conduct a series of tutorials
and workshops to educate the community on the details of the Trusted
Network Interpretation and receive feedback. After this trial period,
necessary changes to the document will be made and a revised version
issued.
Title: Trusted Product Security Evaluation Program
Authors: NATIONAL COMPUTER SECURITY CENTER
Abstract:
- This publication describes procedures for interacting with the
National Security Agency's Information Security Organization as
related to the Trusted Product Evaluation Program within the National
Computer Security Center. It provides the information needed to submit
a computer product for technical security evaluation and outlines the
National Security Agency's responsibilities for positive, timely
acknowledgements. This publication specifically covers the National
Computer Security Center's relationship with vendors of proposed
trusted computer products from the initial contact with the vendor
through the completion of the security evaluation process and
follow-on programs. Although more detailed instructions will be
referenced in this publication, sufficient guidelines are established
for any first-time user of the National Computer Security Center's
services.
|