Definition[]
The Rainbow Series is a series of documents published by the National Computer Security Center (NCSC) to discuss in detail the features of the DoD Trusted Computer System Evaluation Criteria (TCSEC) and provide guidance for meeting each requirement. The name "rainbow" is a nickname because each document has a different color of cover.
The following are brief descriptions of some of the documents that form the Rainbow Series:
- Trusted Computer System Evaluation Criteria (TCSEC) (Orange)
- The TCSEC defines criteria for evaluating the security functionality and assurance provided by a computer system. The TCSEC formalizes the concept of a trusted computing base (TCB) and specifies how it should be constructed and used in order to ensure a desired level of trust.
- The guidelines provide a set of good practices related to the use of auditing in automatic data processing systems employed for processing classified and other sensitive information.
- Trusted Network Interpretation (TNI) (Red)
- The TNI interprets the TCSEC with regard to networked computer systems. The TNI was particularly controversial due to the complex security issues that arise when computer networks are used.
- Trusted Database Management System Interpretation (TDI)
- The TDI interprets the TCSEC with regard to database management systems.
- Password Management Guideline (Light Green)
- This document describes a set of good practices for using password-based authorization schemes. A similar set of guidelines was also issued by the National Institute of Standards and Technology as a Federal Information Processing Standard publication.
- Glossary of Computer Security Terms (Dark Green)
- This document defines the acronyms and terms used by computer security specialists, focusing on DOD contexts.
- Magnetic Remanence Security Guidelines (Dark Blue)
- This document provides procedures and guidance for sanitizing magnetic storage media (e.g., disks and tapes) prior to their release to nonsecure environments.
- Guidance for Applying the Department of Defense Trusted Computer System Evaluation Criteria in Specific Environments (Yellow)
- This volume provides guidance for applying the TCSEC to specific environments.